Support


Support

More
 

Notice

Ssl PoodleWhy we are safe from the SSL POODLE 


SSL 3.0 POODLE vulnerability

The POODLE attack which stands for "Padding Oracle On Downgraded Legacy Encryption" is a man-in-the-middle exploit which takes advantage of Internet and security software clients fallback to SSLv3 or SSLv2.

Google Security Team discovered this vulnerability and they disclosed it in September 2014. This type of attack is not consider as serious as the Heartbleed and Shellshock attacks.

We have checked all of our systems and none of them use this fall back method. We only use the latest standard in SSL which is TLS 1.0 so that all SSL communications with our servers is secure and protected. If you are still using the now 13 year old IE 6.0 or lower you should upgrade.













Heartbleed

Why we are safe from Heartbleed


We use Microsoft Windows Servers for all of our hosting accounts and our own site. We do not use OpenSSL. Most low cost hosting accounts use Unix or Linux servers which rely on open source software like OpenSSL.

In over fifteen years of business, we have never had a security breach or a server hacked.

If you don't know about the Heartbleed bug here is some information about it.

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

See more information about this at the New York Times website or at Heartbleed.com

Here are links to two third party sites. If you want to verify our site is safe for your self:

Click Here for Norton Safe Web - Heartbleed Check
Click Here for McAfee True Intelligence - Heartbleed Check


 




Portland: 503.914.6200  Arizona: 480.429.0996  Texas: 210.416.7201  Toll Free: 1.888.398.9483
WorldWide Merchant  1103 NE 130th Circle  Vancouver, WA 98685