The Poodle flaw prompted Mozilla's Firefox team to back away from Secure Sockets Layer version 3.0 and now Apple is taking a similar strategy, ending support for the vulnerable encryption standard on its Push notifications service.
Apple announced on its developer's site it was transitioning Apple Push Notifications service away from SSL 3.0 to the newer and more secure Transport Layer Security standard. The tech company is urging developers to make the same move to maintain compatibility with the Push server.
"Providers using only SSL 3.0 will need to support TLS as soon as possible to ensure the Apple Push Notification service continues to perform as expected," stated Apple in the bulletin. "Providers that support both TLS and SSL 3.0 will not be affected and require no changes." The Apple Push Notification server ends support for SSL 3.0 on Oct. 29.
Mozilla says security watchdogs at Google discovered the Poodle flaw in late September. Poodle is an acronym for Padding Oracle On Downgraded Legacy Encryption.
In announcing the next version of Firefox will come with SSL 3.0 turned off by default, Mozilla heralded the end of the security protocol and encouraged holdovers to make the transition to TLS as soon as possible.
"Any website that supports SSLv3 is vulnerable to Poodle, even if it also supports more recent versions of TLS," stated Mozilla. "In particular, these servers are subject to a downgrade attack, in which the attacker tricks the browser into connecting with SSLv3. This relies on a behavior of browsers called insecure fallback, where browsers attempt to negotiate lower versions of TLS or SSL when connections fail."
Mozilla estimates approximately 0.1 percent of the Internet still uses SSL 3.0, but says that figure means there are still millions of transactions each day vulnerable to an attack through the Poodle flaw.
Both Web browsers and servers must offer support for TLS, otherwise the connection will downgrade to the exposed SSL standard.
Hackers can use the Poodle flaw to perpetrate a man in the middle attack. In rebuffing server requests, each exchange of information reveals a different bit of information about the secure data being sent.
"The attacker proceeds to the next byte by changing the sizes of request path and body simultaneously such that the request size stays the same but the position of the headers is shifted, continuing until it has decrypted as much of the cookies as desired," says Google.
