Wikimedia Blog/Drafts/Protecting users against POODLE by removing SSL 3.0 support/es

This was a draft for a blog post that has since been published at https://blog.wikimedia.org/2014/10/17/protecting-users-against-poodle-by-removing-ssl-3-0-support/

Title

Protegiendo usuarios contra POODLE por sacar SSL 3.0 soporte

Body

Para proteger nuestros usuarios contra el recientemente revelados POODLE vulnerabilidad de seguridad, estamos sacando soporte para SSL 3.0 encima todo Wikimedia sitios tan de 15:00 UTC (8:00 soy PDT) hoy.

SSL 3.0 es un outdated implementación del HTTPS protocolo de encriptación de la web. Personas de ayudas del HTTPS comunican más securely a través de redes por encriptar el dato envían y recibir en un navegador de web.

SSL 3.0 was introduced in 1996 and has long since been superseded in all modern browsers. This means that very few people will be affected by this change. However, if you still use Internet Explorer 6 (IE6), or another old browser that only supports SSL 3.0, you will be affected in the following ways:

  • It will no longer be possible to log into your user account while using IE6. Logins generally require an encrypted connection to prevent password snooping, and IE6 only supports SSL 3.0.
  • You will not be able to use HTTPS for browsing the Wikimedia projects while using IE6.
  • You will still be able to read Wikipedia and our other sites using an HTTP connection while using IE6.

We made this decision in order to protect all of our users. The POODLE vulnerability allows an attacker to to exploit weaknesses in the SSL 3.0 protocol, and potentially intercept a user’s data (something known as a man-in-the-middle attack). At the minimum, this could compromise the log-in details of registered users of the Wikimedia projects. IE6 is widely viewed as out of date and insecure, and Microsoft itself has urged users users to upgrade to modern alternatives for several years now. In fact, we disabled JavaScript for IE6 this past August, also for the purpose of protecting our users’ security.

If you are one of our affected users, we strongly encourage you to consider upgrading from IE6. We want everyone to be as secure as possible, and a modern, standards-compliant browser is a great place to start.

Mark Bergsma
WMF Director of Technical Operations;
WMF Lead Operations Architect

Notes

Ideas for social media messages promoting the published post:

Twitter (@wikimedia/@wikipedia):

(Tweet text goes here - max 117 characters)
---------|---------|---------|---------|---------|---------|---------|---------|---------|---------|---------|------/

Facebook/Google+

  • ...