Is POODLE vulnerabilty included in Watchtower/Heartbleed security audits?

Superfandominatrix · December 2014

The title is basically my question... does Watchtower / Heartbleed include website security status for POODLE vulnerability a la a list like this vv ... ?

https://www.ssllabs.com/ssltest/index.html

I realize end-use browsers also need to be fixed as per test results from this tester website vv ... ?

https://zmap.io/sslv3/

Superfandominatrix · December 2014

Follow up comment... using the baked-in 1PW browser against https://www.poodletest.com/, I'm seeing that 1PW's browser is vulnerable to POODLE. Outside of 1PW on IOS 8.1.2, both Safari and Dolphin browser are showing vulnerable as well.

What is going on? Should we avoid using 1PW while connected to unsecured networks?

Megan · December 2014

Hi @Superfandominatrix,

I've asked our security guru ( @jpgoldberg ) to pop in here and offer his wisdom. :)

Superfandominatrix · January 2015

Thanks Megan, I do hope your guru can stop by after the holiday rush is over.

Ben · January 2015

We have an improvement request filed for this. Thanks!

ref: WT-23

Is POODLE vulnerabilty included in Watchtower/Heartbleed security audits?

Comments