The World NEXT ends
Recent Entries
- Driving around Baton Rouge yes
- Looks notable: Google, Microso
- Perspective - Welcome to the t
- and the spinning is on... IBM
- Trying to work out what was mi
- Three points that Lotusphere,
- I, Cringley: IBM’s reor
- Domino customer? Please call I
- IBM’s POODLE TLS fixes f
- Rethinking Ray Ozzie
- Good! Communication on upcomin
- What IBM’s response to t
- I, Cassandra? If you’re
- Apparent (small) update from I
- Poor Domino users. For folks w
- Re: IBM Domino and SHA-1 / SHA
- Hey, IBM! While you’re a
- Google accelerates end of SHA-
- (Repost): IBM... PLEASE update
- Something was added in the lat
Blog Roll
Categories
Archives
- April 2016 (1)
- March 2016 (1)
- January 2015 (7)
- November 2014 (1)
- October 2014 (7)
- September 2014 (1)
- August 2014 (2)
- November 2012 (1)
- December 2011 (3)
- September 2011 (1)
- August 2011 (1)
- July 2011 (4)
- May 2011 (1)
- April 2011 (1)
- February 2011 (1)
- January 2011 (8)
- December 2010 (9)
- October 2010 (1)
- September 2010 (2)
- August 2010 (4)
- July 2010 (4)
- June 2010 (1)
- May 2010 (6)
- April 2010 (11)
- March 2010 (7)
- January 2010 (17)
- December 2009 (6)
- October 2009 (6)
- September 2009 (9)
- August 2009 (6)
- July 2009 (4)
- March 2009 (6)
- February 2009 (9)
- January 2009 (16)
- December 2008 (11)
- November 2008 (6)
- October 2008 (2)
- September 2008 (11)
- August 2008 (23)
- July 2008 (18)
- June 2008 (4)
- May 2008 (6)
- April 2008 (2)
- March 2008 (7)
- February 2008 (8)
- January 2008 (24)
- December 2007 (16)
- November 2007 (19)
- October 2007 (16)
- September 2007 (5)
- July 2007 (1)
- June 2007 (13)
- May 2007 (34)
- April 2007 (29)
- March 2007 (1)
- January 2007 (1)
Links
For over 8 years, there's been post after post, PMR after PMR, IdeaJam idea after idea on upgrade Domino's SSL security in order to keep it current.
(Here's a google search for: Please upgrade Domino SSL )
While they've been very busy apparently doing nothing about this, IBM's also been very quiet about it, although they have acknowledged that IBM's PAYING CUSTOMERS think it's important (see here).
Now, we expect to hear something about how to fix this. SOON. It's not like IBM hasn't had time to prepare.
Give me details!
Bill Malchisky covers the actual vulnerability very well, so I'll send you his way for the techy detail: New SSL3 Exploit: The POODLE Is Here and Lifting Its Leg ( http://planetlotus.org/c4db50 )
Update See the comments for some mitigation options for Domino. UNTIL IBM FIXES THIS.
Craig Wiseman October 15th, 2014 07:50:22 AM