{"id":8356,"date":"2014-10-20T14:25:27","date_gmt":"2014-10-20T14:25:27","guid":{"rendered":"https:\/\/gosqeng.test\/?p=759"},"modified":"2019-11-28T12:00:58","modified_gmt":"2019-11-28T12:00:58","slug":"ssl-vulnerability-poodle","status":"publish","type":"post","link":"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle","title":{"rendered":"CVE-2014-3566 Advisory"},"content":{"rendered":"<p>Earlier this week, Google Security <a href\"http:\/\/googleonlinesecurity.blogspot.co.uk\/2014\/10\/this-poodle-bites-exploiting-ssl-30.html\" target=\"_blank\" rel=\"noopener noreferrer\">published details<\/a> of a flaw in SSL 3.0, a protocol occasionally used for encrypting HTTPS traffic.<\/p>\n<h2>What are we doing about it?<\/h2>\n<p>Due to the nature of the flaw, the only safe way to prevent it is to disable all support for the SSL protocol in HTTPS connections. Fortunately, SSL has long-since been superseded by the Transport Layer Security (TLS) protocol, which is supported by all web browsers released since 2002. Since the GoSquared website and apps do not function on browsers older than that anyway, we were comfortable disabling SSL 3.0 support on all parts of the website and API, and did so immediately.<\/p>\n<p>In addition to disabling SSL 3.0 on the GoSquared website and API, we have also disabled it on all of our tracking endpoints, used to collect tracking data.<\/p>\n<h2>What does this mean for you?<\/h2>\n<p>If you are using the GoSquared apps or website, then you&#8217;re already using a recent-enough browser. You should see absolutely no change in the way you use GoSquared, and everything will continue to function as normal.<\/p>\n<p>As a result of this change, however, we are officially dropping secure tracking support for browsers that do not support SSL 3.0. What this means in real-world terms is that if you are tracking a site served over HTTPS then visitors using Internet Explorer 6 and earlier will no longer be tracked by GoSquared. We have measured this traffic to account for less than 0.001% of total traffic across our network, so chances are you won&#8217;t notice anything different in data reported by GoSquared anyway.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Earlier this week, Google Security published details of a flaw in SSL 3.0, a protocol occasionally used for encrypting HTTPS&#8230;<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1452],"tags":[],"class_list":["post-8356","post","type-post","status-publish","format-standard","hentry","category-engineering"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v18.6 (Yoast SEO v19.0) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>SSL vulnerability a.k.a. POODLE - GoSquared Engineering<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE-2014-3566 Advisory\" \/>\n<meta property=\"og:description\" content=\"Earlier this week, Google Security published details of a flaw in SSL 3.0, a protocol occasionally used for encrypting HTTPS...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle\" \/>\n<meta property=\"og:site_name\" content=\"GoSquared Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/GoSquared\" \/>\n<meta property=\"article:published_time\" content=\"2014-10-20T14:25:27+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-11-28T12:00:58+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@floopily\" \/>\n<meta name=\"twitter:site\" content=\"@GoSquared\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"JT\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.gosquared.com\/blog\/#organization\",\"name\":\"GoSquared\",\"url\":\"https:\/\/www.gosquared.com\/blog\/\",\"sameAs\":[\"https:\/\/instagram.com\/gosquaredteam\",\"https:\/\/www.linkedin.com\/company\/go-squared-ltd.\",\"https:\/\/www.facebook.com\/GoSquared\",\"https:\/\/twitter.com\/GoSquared\"],\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.gosquared.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.gosquared.com\/blog\/wp-content\/uploads\/2015\/07\/gosquared.png\",\"contentUrl\":\"https:\/\/www.gosquared.com\/blog\/wp-content\/uploads\/2015\/07\/gosquared.png\",\"width\":1270,\"height\":250,\"caption\":\"GoSquared\"},\"image\":{\"@id\":\"https:\/\/www.gosquared.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.gosquared.com\/blog\/#website\",\"url\":\"https:\/\/www.gosquared.com\/blog\/\",\"name\":\"GoSquared Blog\",\"description\":\"Turn visitors into customers.\",\"publisher\":{\"@id\":\"https:\/\/www.gosquared.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.gosquared.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#webpage\",\"url\":\"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle\",\"name\":\"SSL vulnerability a.k.a. POODLE - GoSquared Engineering\",\"isPartOf\":{\"@id\":\"https:\/\/www.gosquared.com\/blog\/#website\"},\"datePublished\":\"2014-10-20T14:25:27+00:00\",\"dateModified\":\"2019-11-28T12:00:58+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.gosquared.com\/blog\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CVE-2014-3566 Advisory\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#webpage\"},\"author\":{\"@id\":\"https:\/\/www.gosquared.com\/blog\/#\/schema\/person\/bfcd35bf2eba92ecbeea67937cd23eef\"},\"headline\":\"CVE-2014-3566 Advisory\",\"datePublished\":\"2014-10-20T14:25:27+00:00\",\"dateModified\":\"2019-11-28T12:00:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#webpage\"},\"wordCount\":261,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.gosquared.com\/blog\/#organization\"},\"articleSection\":[\"Engineering\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.gosquared.com\/blog\/#\/schema\/person\/bfcd35bf2eba92ecbeea67937cd23eef\",\"name\":\"JT\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.gosquared.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/772e026206b900a5ba17ebbe63e34a4c8a9103524cf0ba3accfa38b14d7d03ba?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/772e026206b900a5ba17ebbe63e34a4c8a9103524cf0ba3accfa38b14d7d03ba?s=96&d=mm&r=g\",\"caption\":\"JT\"},\"description\":\"JT is a co-founder and the lead front-end engineer at GoSquared. He's responsible for the shiniest of the shiny projects we work on.\",\"sameAs\":[\"https:\/\/twitter.com\/floopily\"],\"url\":\"https:\/\/www.gosquared.com\/blog\/author\/jt\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SSL vulnerability a.k.a. POODLE - GoSquared Engineering","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle","og_locale":"en_US","og_type":"article","og_title":"CVE-2014-3566 Advisory","og_description":"Earlier this week, Google Security published details of a flaw in SSL 3.0, a protocol occasionally used for encrypting HTTPS...","og_url":"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle","og_site_name":"GoSquared Blog","article_publisher":"https:\/\/www.facebook.com\/GoSquared","article_published_time":"2014-10-20T14:25:27+00:00","article_modified_time":"2019-11-28T12:00:58+00:00","twitter_card":"summary_large_image","twitter_creator":"@floopily","twitter_site":"@GoSquared","twitter_misc":{"Written by":"JT","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.gosquared.com\/blog\/#organization","name":"GoSquared","url":"https:\/\/www.gosquared.com\/blog\/","sameAs":["https:\/\/instagram.com\/gosquaredteam","https:\/\/www.linkedin.com\/company\/go-squared-ltd.","https:\/\/www.facebook.com\/GoSquared","https:\/\/twitter.com\/GoSquared"],"logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.gosquared.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.gosquared.com\/blog\/wp-content\/uploads\/2015\/07\/gosquared.png","contentUrl":"https:\/\/www.gosquared.com\/blog\/wp-content\/uploads\/2015\/07\/gosquared.png","width":1270,"height":250,"caption":"GoSquared"},"image":{"@id":"https:\/\/www.gosquared.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"WebSite","@id":"https:\/\/www.gosquared.com\/blog\/#website","url":"https:\/\/www.gosquared.com\/blog\/","name":"GoSquared Blog","description":"Turn visitors into customers.","publisher":{"@id":"https:\/\/www.gosquared.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.gosquared.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#webpage","url":"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle","name":"SSL vulnerability a.k.a. POODLE - GoSquared Engineering","isPartOf":{"@id":"https:\/\/www.gosquared.com\/blog\/#website"},"datePublished":"2014-10-20T14:25:27+00:00","dateModified":"2019-11-28T12:00:58+00:00","breadcrumb":{"@id":"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.gosquared.com\/blog"},{"@type":"ListItem","position":2,"name":"CVE-2014-3566 Advisory"}]},{"@type":"Article","@id":"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#article","isPartOf":{"@id":"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#webpage"},"author":{"@id":"https:\/\/www.gosquared.com\/blog\/#\/schema\/person\/bfcd35bf2eba92ecbeea67937cd23eef"},"headline":"CVE-2014-3566 Advisory","datePublished":"2014-10-20T14:25:27+00:00","dateModified":"2019-11-28T12:00:58+00:00","mainEntityOfPage":{"@id":"https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#webpage"},"wordCount":261,"commentCount":0,"publisher":{"@id":"https:\/\/www.gosquared.com\/blog\/#organization"},"articleSection":["Engineering"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.gosquared.com\/blog\/ssl-vulnerability-poodle#respond"]}]},{"@type":"Person","@id":"https:\/\/www.gosquared.com\/blog\/#\/schema\/person\/bfcd35bf2eba92ecbeea67937cd23eef","name":"JT","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.gosquared.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/772e026206b900a5ba17ebbe63e34a4c8a9103524cf0ba3accfa38b14d7d03ba?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/772e026206b900a5ba17ebbe63e34a4c8a9103524cf0ba3accfa38b14d7d03ba?s=96&d=mm&r=g","caption":"JT"},"description":"JT is a co-founder and the lead front-end engineer at GoSquared. He's responsible for the shiniest of the shiny projects we work on.","sameAs":["https:\/\/twitter.com\/floopily"],"url":"https:\/\/www.gosquared.com\/blog\/author\/jt"}]}},"wps_subtitle":"SSL Vulnerability a.k.a. POODLE","_links":{"self":[{"href":"https:\/\/www.gosquared.com\/blog\/wp-json\/wp\/v2\/posts\/8356","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gosquared.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.gosquared.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.gosquared.com\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.gosquared.com\/blog\/wp-json\/wp\/v2\/comments?post=8356"}],"version-history":[{"count":0,"href":"https:\/\/www.gosquared.com\/blog\/wp-json\/wp\/v2\/posts\/8356\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.gosquared.com\/blog\/wp-json\/wp\/v2\/media?parent=8356"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.gosquared.com\/blog\/wp-json\/wp\/v2\/categories?post=8356"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gosquared.com\/blog\/wp-json\/wp\/v2\/tags?post=8356"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}