Archive News

15 October 2014 Christine Hassall

Senior shielded from shellshock and poodle bugs

At Senior Internet it’s important for us to be on constant watch for anything in the digital world which could affect our clients. One subject that’s a constant concern is that of internet security; without it, we wouldn’t be here!

Which is why when we became aware of threats such as ‘Shellshock’ in late September, and the more recent ‘Poodle’, we wanted to spread the word to our clients as soon as possible.

What is Shellshock?

For those who haven’t heard; Shellshock is a family of security bugs which affect those in the Unix Bash Shell, and was first disclosed on 24th September this year. Those who use Bash to process certain requests are most at risk; an attacker could gain unauthorized access to a computer system by causing certain vulnerable versions to execute arbitrary commands. The bug has been compared to the infamous Heartbleed bug in its severity and could compromise millions of servers. Shellshock has been given an extremely high threat level of 10.

What is Poodle?

Poodle is a more recent bug and isn’t as threatening as Shellshock or Heartbleed, although we’d still advise our clients to be on the lookout for it. Nicknamed ‘Poodle’ not for its French origins or fluffy aesthetics, but as a short hand for ‘Paddling Oracle On Downloaded Legacy Encryption’. Users of the source of the bug- an 18 year old encryption standard known as SSL 3.0- have been advised to disable all web browsers and server software connected with it.  The use of Poodle will enable hackers to take control of email and bank accounts as well as other services. In comparison with Shellshock; Poodle has only been given a threat level of 5.

What’s the good news?

Senior is a Level 1 ISP with our own server cluster. We maintain and update our hardware and software systems and take security very seriously. To sheild us from Shellshock we applied a security patch to our Linux environments as soon as we heard about the bug and to stop Poodle in its tracks we have removed SSL 3.0 from all our RiverCMS, Memberbase and e-Vol servers. This means that there is no threat at all to our clients from either Shellshock or Poodle. 

Many associations and companies use open source software as it is believed to be cost effective. However, as with anything, if cutting cost is the top priority when it comes to building and hosting a website then it can bite back, it can be that important things such as security and maintenance may be compromised.

The benefits of working with Senior Internet Ltd, as our catalogue of clients will confirm, is that we work together to not only to create unique, expertly crafted bespoke websites, but to maintain and protect them from harmful bugs and offer you ongoing support from the moment you sign on the dotted line! It’s just another reason to learn more about our services.

What you can do

  • Keep passwords and other information secure
  • Get in touch with Senior for more information