Home » Online Safety » Other » Browser safety & issues » SSLv3 Poodle Attack Check
All browsers have deactivated the SSL-Version 3.0 by default.
If you see a poodle below, then your browser supports SSLv3 via block ciphers, and you may be vulnerable. If you see a Labrador below, your browser doesn’t support SSLv3, or only supports SSLv3 using stream ciphers.
Make sure you clear your cache between tests.
The test requires that you are able to connect to an SSLv3 only site. There are some false positives/false negatives that you may experience. For example, if your connection is slow, the connection to the test site will time out and your browser may wrongly show up as not vulnerable.
Firefox is picky as to what ciphers it accepts. The test site supports a wide range of ciphers to allow Firefox to connect.
Apple stated that the Safari update released on Oct 17th no longer allows block ciphers via SSLv3. The test site (on purpose) only supports block ciphers as they are vulnerable to POODLE. However, the testing so far shows that Safari will still connect to the test site using ciphers like AES256. Safari should show up as not-vulnerable if it only supports stream ciphers over SSLv3.
Some issues have been reported.