{"id":6492,"date":"2014-11-30T07:29:11","date_gmt":"2014-11-30T07:29:11","guid":{"rendered":"https:\/\/dev.railscarma.com\/poodle-ssl-security-threat-explored\/"},"modified":"2022-08-30T07:32:51","modified_gmt":"2022-08-30T07:32:51","slug":"amenaza-a-la-seguridad-ssl-de-poodle-explorada-2","status":"publish","type":"post","link":"https:\/\/www.railscarma.com\/es\/blog\/articulos-tecnicos\/amenaza-a-la-seguridad-ssl-de-poodle-explorada-2\/","title":{"rendered":"Poodle: se explora la amenaza a la seguridad SSL"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"6492\" class=\"elementor elementor-6492\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3800d95d elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3800d95d\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-69f90962\" data-id=\"69f90962\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-343fe574 elementor-widget elementor-widget-text-editor\" data-id=\"343fe574\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p style=\"text-align: justify;\"><strong>Caniche<\/strong>&nbsp;Es una raza de perro con patas que se parecen al algod\u00f3n de az\u00facar. Es inteligente y un elemento b\u00e1sico habitual en las exposiciones caninas. Incluso los perros m\u00e1s amigables tienen propensi\u00f3n a morder. \u00a1Ahora vemos todo tipo de alertas de seguridad y problemas como el sangrado del coraz\u00f3n y el shock! La \u00faltima incorporaci\u00f3n es POODLE.<\/p>\n<p style=\"text-align: justify;\">\n<\/p><p style=\"text-align: justify;\">Todo esto comenz\u00f3 cuando un equipo de Google desarroll\u00f3 y prob\u00f3 un ataque llamado <strong>CANICHE<\/strong>&nbsp;(Padding Oracle On Downgraded Legacy Encryption) que descubri\u00f3 una vulnerabilidad en el protocolo Secure Sockets Layer (SSL) versi\u00f3n 3 o, en resumen, SSLv3.<\/p>\n<p style=\"text-align: justify;\">SSLv3 es un cifrado obsoleto pero que todav\u00eda se utiliza tanto en navegadores web nuevos como antiguos. (SSLv3 es un protocolo de 18 a\u00f1os que fue reemplazado por el protocolo TLS)<\/p>\n<p style=\"text-align: justify;\">POODLE intenta forzar la conexi\u00f3n entre su navegador web y el servidor para bajar a SSLv3. El ataque POODLE aprovecha la funci\u00f3n de negociaci\u00f3n de la versi\u00f3n del protocolo integrada en SSL\/TLS para forzar el uso de SSL 3.0 y luego utiliza esta nueva vulnerabilidad para descifrar contenido seleccionado dentro de la sesi\u00f3n SSL. El descifrado se realiza byte a byte y generar\u00e1 una gran cantidad de conexiones entre el cliente y el servidor.<\/p>\n<p style=\"text-align: justify;\"><strong>\u00bfC\u00f3mo lo hicieron?<\/strong><\/p>\n<p style=\"text-align: justify;\">Un atacante puede ejecutar un agente de JavaScript en un sitio web para hacer que el navegador de la v\u00edctima env\u00ede una cookie con solicitudes HTTPS a&nbsp;<b>https:\/\/xyz.com<\/b>, intercepte y modifique los registros SSL enviados por el navegador de tal manera que exista una posibilidad no insignificante de que xyz.com acepte el registro modificado. Si se acepta el registro modificado, el atacante puede descifrar un byte de las cookies. Galletas<\/p>\n<p style=\"text-align: justify;\">TLS 1.0 y versiones m\u00e1s recientes realizan una validaci\u00f3n m\u00e1s s\u00f3lida de los datos descifrados y, como tales, no son susceptibles al mismo problema. Pero para SSLv3 no hay soluci\u00f3n.<\/p>\n<p style=\"text-align: justify;\"><strong>\u00bfQu\u00e9 tan malo es esto y c\u00f3mo te afecta?<\/strong><\/p>\n<p style=\"text-align: justify;\">Las conexiones seguras utilizan principalmente TLS (el sucesor de SSL), la mayor\u00eda de los usuarios se vuelven vulnerables porque los navegadores y servidores web bajar\u00e1n a SSLv3 si hay problemas al negociar una sesi\u00f3n TLS. La mayor\u00eda de las implementaciones SSL\/TLS siguen siendo compatibles con SSL 3.0 para interoperar con sistemas heredados en aras de una experiencia de usuario fluida. Un atacante que realice un ataque de intermediario podr\u00eda provocar una degradaci\u00f3n del protocolo a SSLv3 y aprovechar esta vulnerabilidad para descifrar un subconjunto de la comunicaci\u00f3n cifrada y extraer informaci\u00f3n de ella. La vulnerabilidad POODLE solo funciona si el navegador del cliente y la conexi\u00f3n del servidor admiten SSLv3.<\/p>\n<p style=\"text-align: justify;\"><strong>\u00bfC\u00f3mo probar si mi navegador es vulnerable?<\/strong><\/p>\n<p style=\"text-align: justify;\">Vaya al sitio web poodletest.com para probar esto. Si ves un caniche, eres vulnerable. Si ves un Springfield Terrier, est\u00e1s a salvo.<\/p>\n<p style=\"text-align: justify;\">http:\/\/www.bolet.org\/TestSSLServer\/<br>http:\/\/code.google.com\/p\/sslaudit\/<\/p>\n<p style=\"text-align: justify;\"><strong>\u00bfQu\u00e9 puedo hacer para evitar esto? \u00bfVacuna para caniches?<\/strong><\/p>\n<p style=\"text-align: justify;\">Como usuario final, deshabilite la compatibilidad con SSLv3 en su navegador web. Si est\u00e1 deshabilitado, POODLE NO puede degradar su navegador a \u00e9l. Para fomentar las mejores pr\u00e1cticas de seguridad, recomiendo encarecidamente utilizar la versi\u00f3n m\u00e1s alta de TLS. Para la mayor\u00eda de los navegadores, deber\u00eda ser TLS 1.2.<strong><strong><br><\/strong><\/strong><\/p>\n<p style=\"text-align: justify;\"><strong>\u00bfEsto afectar\u00e1 mi experiencia de navegaci\u00f3n?<strong><br><\/strong><\/strong><\/p>\n<p style=\"text-align: justify;\">Esto tendr\u00e1 un impacto en algunos navegadores m\u00e1s antiguos. Los sitios web que ya han dejado de admitir SSLv3 dejar\u00e1n de ser compatibles con navegadores y sistemas operativos m\u00e1s antiguos. Los navegadores antiguos como Internet Explorer 6 que se ejecutan en Windows XP o versiones anteriores ver\u00e1n un error de conexi\u00f3n SSL.<\/p>\n<p style=\"text-align: justify;\"><strong>SSL v3<\/strong>&nbsp;estar\u00e1 deshabilitado de forma predeterminada en futuras versiones de muchos navegadores web.<\/p>\n<p style=\"text-align: justify;\"><strong>\u00bfC\u00f3mo desactivar esto en el servidor?<\/strong><\/p>\n<p style=\"text-align: justify;\">CloudFlare anunci\u00f3 que estaba deshabilitando SSLv3 de forma predeterminada en sus servidores. Lo mismo hicieron muchos proveedores de servicios.<\/p>\n<p style=\"text-align: justify;\">Si est\u00e1 ejecutando Apache, simplemente realice este cambio en su configuraci\u00f3n entre las otras directivas SSL:<\/p>\n<p style=\"text-align: justify;\">Protocolo SSL Todos -SSLv2 -SSLv3<\/p>\n<p style=\"text-align: justify;\">Esto deshabilita las versiones 2 y 3 del protocolo SSL.<\/p>\n<p style=\"text-align: justify;\"><strong>\u00bfC\u00f3mo pueden los desarrolladores evitar esto?<\/strong><strong><strong><br><\/strong><\/strong><\/p>\n<p style=\"text-align: justify;\"><b>.NETO<\/b><\/p>\n<p style=\"text-align: justify;\">Utilice la propiedad SecurityProtocol para habilitar TLS.<\/p>\n<p style=\"text-align: justify;\">Para obtener detalles sobre c\u00f3mo utilizar la propiedad SecurityProtocol, visite:<\/p>\n<p style=\"text-align: justify;\">http:\/\/msdn.microsoft.com\/en-us\/library\/system.net.servicepointmanager.securityprotocol(v=vs.110).as&#8230;<\/p>\n<p style=\"text-align: justify;\">http:\/\/msdn.microsoft.com\/en-us\/library\/system.net.securityprotocoltype(v=vs.110).aspx<\/p>\n<p style=\"text-align: justify;\">Como ejemplo, para forzar TLS 1.2 en una implementaci\u00f3n C# .NET, usar\u00eda:<\/p>\n<p style=\"text-align: justify;\">System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;<\/p>\n<p style=\"text-align: justify;\"><b>JAVA<\/b><\/p>\n<p style=\"text-align: justify;\">NOTA: TLS 1.2 se admiti\u00f3 por primera vez en JDK 7 y ser\u00e1 predeterminado en JDK 8: https:\/\/blogs.oracle.com\/java-platform-group\/entry\/java_8_will_use_tls<\/p>\n<p style=\"text-align: justify;\"><strong>Utilice el m\u00e9todo SSLContext.getInstance para habilitar TLS.<\/strong><\/p>\n<p style=\"text-align: justify;\"><strong>Para obtener detalles sobre c\u00f3mo utilizar el m\u00e9todo SSLContext.getInstance, visite:<\/strong><\/p>\n<p style=\"text-align: justify;\">http:\/\/docs.oracle.com\/javase\/7\/docs\/api\/javax\/net\/ssl\/SSLContext.html#getInstance(java.lang.String)<\/p>\n<p style=\"text-align: justify;\">http:\/\/docs.oracle.com\/javase\/7\/docs\/api\/javax\/net\/ssl\/SSLContext.html#getInstance(java.lang.String,&#8230;<\/p>\n<p style=\"text-align: justify;\">http:\/\/docs.oracle.com\/javase\/7\/docs\/technotes\/guides\/security\/StandardNames.html#SSLContext<\/p>\n<p style=\"text-align: justify;\">Por ejemplo, para usar el proveedor de capa de seguridad predeterminado para habilitar TLS, usar\u00eda:<\/p>\n<p style=\"text-align: justify;\">objeto = SSLContext.getInstance(\u201cTLS\u201d);<\/p>\n<p style=\"text-align: justify;\"><strong>Para forzar TLS 1.2 mientras usa Java Secure Socket Extension (JSSE) de Sun, usar\u00eda:<\/strong><\/p>\n<p style=\"text-align: justify;\">objeto = SSLConnect.getInstance(\u201cTLSv1.2\u201d, \u201cSunJSEE\u201d);<\/p>\n<p style=\"text-align: justify;\"><b>rizo<\/b><strong><strong><br><\/strong><\/strong><\/p>\n<p style=\"text-align: justify;\">Utilice la opci\u00f3n CURLOPT_SSLVERSION para habilitar TLS.<\/p>\n<p style=\"text-align: justify;\">Para obtener detalles sobre c\u00f3mo utilizar la opci\u00f3n CURLOPT_SSLVERSION, visite:<\/p>\n<p style=\"text-align: justify;\">http:\/\/curl.haxx.se\/libcurl\/c\/CURLOPT_SSLVERSION.html<\/p>\n<p style=\"text-align: justify;\">Como ejemplo, para forzar a cURL a usar TLS 1.0 o posterior, usar\u00edas:<\/p>\n<p style=\"text-align: justify;\">C\/C++\/C#:<\/p>\n<p style=\"text-align: justify;\">curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);<\/p>\n<p style=\"text-align: justify;\">PHP:<\/p>\n<p style=\"text-align: justify;\">curl_setopt($curl_request, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);<\/p>\n<p style=\"text-align: justify;\">En cURL 7.34.0 o posterior, para forzar TLS 1.2, usar\u00edas:<\/p>\n<p style=\"text-align: justify;\">C\/C++\/C#:<\/p>\n<p style=\"text-align: justify;\">curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);<\/p>\n<p style=\"text-align: justify;\">PHP:<\/p>\n<p style=\"text-align: justify;\">curl_setopt($curl_request, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);<\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/www.railscarma.com\/es\/\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>RielesCarma<\/strong><\/a> El equipo se prepar\u00f3 en modo de defensa total para tapar todos los agujeros que quedaron abiertos por esta vulnerabilidad. Aplicamos los parches necesarios a nuestras aplicaciones para desactivar las opciones SSL\/TLS inseguras.<\/p>\n<h3 style=\"text-align: justify;\"><strong>Referencias<\/strong><\/h3>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/community.developer.authorize.net\/t5\/The-Authorize-Net-Developer-Blog\/Important-POODLE-Information-Updated\/ba-p\/48163\">http:\/\/community.developer.authorize.net\/t5\/The-Authorize-Net-Developer-Blog\/Important-POODLE-Information-Updated\/ba-p\/48163<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/arstechnica.com\/security\/2014\/10\/ssl-broken-again-in-poodle-attack\/\">http:\/\/arstechnica.com\/security\/2014\/10\/ssl-broken-again-in-poodle-attack\/<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/zmap.io\/sslv3\/\">https:\/\/zmap.io\/sslv3\/<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/www.imperialviolet.org\/2014\/10\/14\/poodle.html\">https:\/\/www.imperialviolet.org\/2014\/10\/14\/poodle.html<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/blog.cryptographyengineering.com\/2014\/10\/attack-of-week-poodle.html\">http:\/\/blog.cryptographyengineering.com\/2014\/10\/attack-of-week-poodle.html<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/blog.mozilla.org\/security\/2014\/10\/14\/the-poodle-attack-and-the-end-of-ssl-3-0\/\">https:\/\/blog.mozilla.org\/security\/2014\/10\/14\/the-poodle-attack-and-the-end-of-ssl-3-0\/<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/www.theregister.co.uk\/2014\/10\/16\/poodle_analysis\/\">http:\/\/www.theregister.co.uk\/2014\/10\/16\/poodle_analysis\/<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/www.theregister.co.uk\/2014\/10\/14\/google_drops_ssl_30_poodle_vulnerability\/\">http:\/\/www.theregister.co.uk\/2014\/10\/14\/google_drops_ssl_30_poodle_vulnerability\/<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/www.pcworld.com\/article\/2834015\/security-experts-warn-of-poodle-attack-against-ssl-30.html\">http:\/\/www.pcworld.com\/article\/2834015\/security-experts-warn-of-poodle-attack-against-ssl-30.html<\/a><\/p>\n<p style=\"text-align: justify;\">http:\/\/www.alertlogic.com\/blog\/poodle-man-middle-attack-sslv3\/<\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/www.us-cert.gov\/ncas\/alerts\/TA14-290A\">https:\/\/www.us-cert.gov\/ncas\/alerts\/TA14-290A<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/www.openssl.org\/~bodo\/ssl-poodle.pdf\">https:\/\/www.openssl.org\/~bodo\/ssl-poodle.pdf<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/www.makeuseof.com\/tag\/stop-poodle-from-biting-your-browser\/\">http:\/\/www.makeuseof.com\/tag\/stop-poodle-from-biting-your-browser\/<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/community.qualys.com\/blogs\/securitylabs\/2014\/10\/15\/ssl-3-is-dead-killed-by-the-poodle-attack\">https:\/\/community.qualys.com\/blogs\/securitylabs\/2014\/10\/15\/ssl-3-is-dead-killed-by-the-poodle-attack<\/a><\/p>\n<h3 style=\"text-align: justify;\"><\/h3>\n<h3 style=\"text-align: justify;\"><strong>Deshabilitar caniche<\/strong><\/h3>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/www.linode.com\/docs\/security\/security-patches\/disabling-sslv3-for-poodle\">https:\/\/www.linode.com\/docs\/security\/security-patches\/disabling-sslv3-for-poodle<\/a><\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/askubuntu.com\/questions\/537196\/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566\">http:\/\/askubuntu.com\/questions\/537196\/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566<\/a><\/p>\n<p><a href=\"\/es\/contactenos\/\">P\u00f3ngase en contacto con nosotros.<\/a><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-18abb3a8 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"18abb3a8\" data-element_type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-20ff2b60\" data-id=\"20ff2b60\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-738ca7ed elementor-widget elementor-widget-heading\" data-id=\"738ca7ed\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Suscr\u00edbete para recibir las \u00faltimas actualizaciones<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3ca92304 elementor-widget elementor-widget-shortcode\" data-id=\"3ca92304\" data-element_type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t\t\t\t<script type=\"text\/javascript\">\n\t\t\t\t\t\tvar gCaptchaSibWidget;\n                        var onloadSibCallbackInvisible = function () {\n\n                            var element = document.getElementsByClassName('sib-default-btn');\n                            var countInvisible = 0;\n                            var indexArray = [];\n                            jQuery('.sib-default-btn').each(function (index, el) {\n                                if ((jQuery(el).attr('id') == \"invisible\")) {\n                                    indexArray[countInvisible] = index;\n                                    countInvisible++\n                                }\n                            });\n\n                            jQuery('.invi-recaptcha').each(function (index, el) {\n                                grecaptcha.render(element[indexArray[index]], {\n                                    'sitekey': jQuery(el).attr('data-sitekey'),\n                                    'callback': sibVerifyCallback,\n                                });\n                            });\n                        };\n\t\t\t\t\t<\/script>\n\t\t\t\t\t                <script src=\"https:\/\/www.google.com\/recaptcha\/api.js?onload=onloadSibCallbackInvisible&render=explicit\" async defer><\/script>\n\t\t\t\t\n\t\t\t<form id=\"sib_signup_form_1\" method=\"post\" class=\"sib_signup_form\" action=\"\">\n\t\t\t\t<div class=\"sib_loader\" style=\"display:none;\"><img\n\t\t\t\t\t\t\tsrc=\"https:\/\/www.railscarma.com\/wp-includes\/images\/spinner.gif\" alt=\"cargador\"><\/div>\n\t\t\t\t<input type=\"hidden\" name=\"sib_form_action\" value=\"subscribe_form_submit\">\n\t\t\t\t<input type=\"hidden\" name=\"sib_form_id\" value=\"1\">\n                <input type=\"hidden\" name=\"sib_form_alert_notice\" value=\"Please fill out this field\">\n                <input type=\"hidden\" name=\"sib_form_invalid_email_notice\" value=\"Your email address is invalid\">\n                <input type=\"hidden\" name=\"sib_security\" value=\"a6180fbcb4\">\n\t\t\t\t<div class=\"sib_signup_box_inside_1\">\n\t\t\t\t\t<div style=\"\/*display:none*\/\" class=\"sib_msg_disp\">\n\t\t\t\t\t<\/div>\n                                            <div id=\"sib_captcha_invisible\" class=\"invi-recaptcha\" data-sitekey=\"6LdikOAaAAAAAJ6SWrrKVQrtw7TQpQAEnv0HS0G3\"><\/div>\n                    \t\t\t\t\t<p class=\"sib-email-area\">\r\n    <label class=\"sib-email-area\"><\/label>\r\n    <input type=\"email\" class=\"sib-email-area\" name=\"email\" required=\"required\" placeholder=\"Direcci\u00f3n de correo electr\u00f3nico\">\r\n<\/p>\r\n<p class=\"sib-NAME-area\">\r\n    <label class=\"sib-NAME-area\"><\/label>\r\n    <input type=\"text\" class=\"sib-NAME-area\" name=\"NAME\" placeholder=\"Nombre\">\r\n<\/p>\r\n<p>\r\n    <input type=\"submit\" id=\"invisible\" class=\"sib-default-btn\" value=\"Suscribir\">\r\n<\/p>\t\t\t\t<\/div>\n\t\t\t<input type=\"hidden\" name=\"trp-form-language\" value=\"es\"\/><\/form>\n\t\t\t<style>\n\t\t\t\tform#sib_signup_form_1 p.sib-alert-message {\n    padding: 6px 12px;\n    margin-bottom: 20px;\n    border: 1px solid transparent;\n    border-radius: 4px;\n    -webkit-box-sizing: border-box;\n    -moz-box-sizing: border-box;\n    box-sizing: border-box;\n}\nform#sib_signup_form_1 p.sib-alert-message-error {\n    background-color: #f2dede;\n    border-color: #ebccd1;\n    color: #a94442;\n}\nform#sib_signup_form_1 p.sib-alert-message-success {\n    background-color: #dff0d8;\n    border-color: #d6e9c6;\n    color: #3c763d;\n}\nform#sib_signup_form_1 p.sib-alert-message-warning {\n    background-color: #fcf8e3;\n    border-color: #faebcc;\n    color: #8a6d3b;\n}\n\t\t\t<\/style>\n\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t  <div class=\"related-post slider\">\r\n        <div class=\"headline\">Art\u00edculos Relacionados<\/div>\r\n    <div class=\"post-list owl-carousel\">\r\n\r\n            <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Gema Kaminari\" href=\"https:\/\/www.railscarma.com\/es\/blog\/articulos-tecnicos\/gema-kaminari\/?related_post_from=37277\">\r\n\r\n      <img decoding=\"async\" width=\"800\" height=\"300\" src=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2023\/04\/kaminari-gem.jpg\" class=\"attachment-full size-full wp-post-image\" alt=\"gema kaminari\" srcset=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2023\/04\/kaminari-gem.jpg 800w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2023\/04\/kaminari-gem-300x113.jpg 300w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2023\/04\/kaminari-gem-768x288.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Gema Kaminari\" href=\"https:\/\/www.railscarma.com\/es\/blog\/articulos-tecnicos\/gema-kaminari\/?related_post_from=37277\">\r\n        Gema Kaminari  <\/a>\r\n\r\n        <\/div>\r\n              <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"\u00bfPor qu\u00e9 contratar desarrolladores Ruby on Rails en 2026?\" href=\"https:\/\/www.railscarma.com\/es\/blog\/ror\/por-que-contratar-desarrolladores-de-ruby-on-rails\/?related_post_from=30627\">\r\n\r\n      <img decoding=\"async\" width=\"800\" height=\"300\" src=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2019\/01\/why-to-hire-ruby-on-rails-developers-in-2022.jpg\" class=\"attachment-full size-full wp-post-image\" alt=\"por qu\u00e9 contratar desarrolladores de Ruby on Rails en 2022\" srcset=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2019\/01\/why-to-hire-ruby-on-rails-developers-in-2022.jpg 800w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2019\/01\/why-to-hire-ruby-on-rails-developers-in-2022-300x113.jpg 300w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2019\/01\/why-to-hire-ruby-on-rails-developers-in-2022-768x288.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"\u00bfPor qu\u00e9 contratar desarrolladores Ruby on Rails en 2026?\" href=\"https:\/\/www.railscarma.com\/es\/blog\/ror\/por-que-contratar-desarrolladores-de-ruby-on-rails\/?related_post_from=30627\">\r\n        \u00bfPor qu\u00e9 contratar desarrolladores Ruby on Rails en 2026?  <\/a>\r\n\r\n        <\/div>\r\n              <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Importancia de la arquitectura de software en el desarrollo de software empresarial\" href=\"https:\/\/www.railscarma.com\/es\/blog\/ror\/importancia-de-la-arquitectura-de-software-en-el-desarrollo-de-software-empresarial\/?related_post_from=36250\">\r\n\r\n      <img decoding=\"async\" width=\"800\" height=\"300\" src=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/06\/Importance-of-Software-Architecture-in-enterprise-software-development.jpg\" class=\"attachment-full size-full wp-post-image\" alt=\"Importancia de la arquitectura de software en el desarrollo de software empresarial\" srcset=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/06\/Importance-of-Software-Architecture-in-enterprise-software-development.jpg 800w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/06\/Importance-of-Software-Architecture-in-enterprise-software-development-300x113.jpg 300w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/06\/Importance-of-Software-Architecture-in-enterprise-software-development-768x288.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Importancia de la arquitectura de software en el desarrollo de software empresarial\" href=\"https:\/\/www.railscarma.com\/es\/blog\/ror\/importancia-de-la-arquitectura-de-software-en-el-desarrollo-de-software-empresarial\/?related_post_from=36250\">\r\n        Importancia de la arquitectura de software en el desarrollo de software empresarial  <\/a>\r\n\r\n        <\/div>\r\n              <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Ruby IDE: los mejores IDE para el desarrollo de Ruby on Rails\" href=\"https:\/\/www.railscarma.com\/es\/blog\/ror\/ruby-ide-las-mejores-ideas-para-el-desarrollo-de-ruby-on-rails\/?related_post_from=36125\">\r\n\r\n      <img decoding=\"async\" width=\"800\" height=\"300\" src=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/01\/BEST-IDES-FOR-RUBY-ON-RAILS-DEVELOPMENT.jpg\" class=\"attachment-full size-full wp-post-image\" alt=\"MEJORES IDES PARA EL DESARROLLO DE RUBY ON RAILS\" srcset=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/01\/BEST-IDES-FOR-RUBY-ON-RAILS-DEVELOPMENT.jpg 800w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/01\/BEST-IDES-FOR-RUBY-ON-RAILS-DEVELOPMENT-300x113.jpg 300w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2022\/01\/BEST-IDES-FOR-RUBY-ON-RAILS-DEVELOPMENT-768x288.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Ruby IDE: los mejores IDE para el desarrollo de Ruby on Rails\" href=\"https:\/\/www.railscarma.com\/es\/blog\/ror\/ruby-ide-las-mejores-ideas-para-el-desarrollo-de-ruby-on-rails\/?related_post_from=36125\">\r\n        Ruby IDE: los mejores IDE para el desarrollo de Ruby on Rails  <\/a>\r\n\r\n        <\/div>\r\n      \r\n  <\/div>\r\n\r\n  <script>\r\n      <\/script>\r\n  <style>\r\n    .related-post {}\r\n\r\n    .related-post .post-list {\r\n      text-align: left;\r\n          }\r\n\r\n    .related-post .post-list .item {\r\n      margin: 10px;\r\n      padding: 10px;\r\n          }\r\n\r\n    .related-post .headline {\r\n      font-size: 14px !important;\r\n      color: #999999 !important;\r\n          }\r\n\r\n    .related-post .post-list .item .post_thumb {\r\n      max-height: 220px;\r\n      margin: 10px 0px;\r\n      padding: 0px;\r\n      display: block;\r\n          }\r\n\r\n    .related-post .post-list .item .post_title {\r\n      font-size: 14px;\r\n      color: #000000;\r\n      margin: 10px 0px;\r\n      padding: 0px;\r\n      display: block;\r\n      text-decoration: none;\r\n          }\r\n\r\n    .related-post .post-list .item .post_excerpt {\r\n      font-size: 12px;\r\n      color: #3f3f3f;\r\n      margin: 10px 0px;\r\n      padding: 0px;\r\n      display: block;\r\n      text-decoration: none;\r\n          }\r\n\r\n    .related-post .owl-dots .owl-dot {\r\n          }\r\n\r\n      <\/style>\r\n      <script>\r\n      jQuery(document).ready(function($) {\r\n        $(\".related-post .post-list\").owlCarousel({\r\n          items: 2,\r\n          responsiveClass: true,\r\n          responsive: {\r\n            0: {\r\n              items: 1,\r\n            },\r\n            768: {\r\n              items: 2,\r\n            },\r\n            1200: {\r\n              items: 2,\r\n            }\r\n          },\r\n                      rewind: true,\r\n                                loop: true,\r\n                                center: false,\r\n                                autoplay: true,\r\n            autoplayHoverPause: true,\r\n                                nav: true,\r\n            navSpeed: 1000,\r\n            navText: ['<i class=\"fas fa-chevron-left\"><\/i>', '<i class=\"fas fa-chevron-right\"><\/i>'],\r\n                                dots: false,\r\n            dotsSpeed: 1200,\r\n                                                    rtl: false,\r\n          \r\n        });\r\n      });\r\n    <\/script>\r\n  <\/div>","protected":false},"excerpt":{"rendered":"<p>Poodle&nbsp;is a breed of dog with legs that resembles cotton candies. It is intelligent and a regular staple at dog shows. Even the most friendly dogs have the propensity to bite. Now we see all kinds of security alerts and snafus likes heartbleed and shell shock!!! The latest in addition is POODLE. This is all &hellip;<\/p>\n<p class=\"read-more\"> <a class=\"\" href=\"https:\/\/www.railscarma.com\/es\/blog\/how-to-build-a-scalable-saas-platform-using-ruby-on-rails\/\"> <span class=\"screen-reader-text\">C\u00f3mo crear una plataforma SaaS escalable con Ruby on Rails<\/span> Leer m\u00e1s \u00bb<\/a><\/p>","protected":false},"author":1,"featured_media":32075,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[384],"tags":[609,513,610],"class_list":["post-6492","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technical-articles","tag-security-threats","tag-ssl","tag-sslv3"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Poodle: SSL Security Threat Explored - RailsCarma Blog<\/title>\n<meta name=\"description\" content=\"The POODLE attack takes advantage of the protocol version negotiation feature built into SSL\/TLS to force the use of SSL 3.0 and then uses this new vulnerability to decrypt select content within the SSL session\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.railscarma.com\/es\/blog\/articulos-tecnicos\/amenaza-a-la-seguridad-ssl-de-poodle-explorada-2\/\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Poodle: SSL Security Threat Explored - RailsCarma Blog\" \/>\n<meta property=\"og:description\" content=\"The POODLE attack takes advantage of the protocol version negotiation feature built into SSL\/TLS to force the use of SSL 3.0 and then uses this new vulnerability to decrypt select content within the SSL session\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.railscarma.com\/es\/blog\/articulos-tecnicos\/amenaza-a-la-seguridad-ssl-de-poodle-explorada-2\/\" \/>\n<meta property=\"og:site_name\" content=\"RailsCarma - Ruby on Rails Development Company specializing in Offshore Development\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/RailsCarma\/\" \/>\n<meta property=\"article:published_time\" content=\"2014-11-30T07:29:11+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-08-30T07:32:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"644\" \/>\n\t<meta property=\"og:image:height\" content=\"292\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@railscarma\" \/>\n<meta name=\"twitter:site\" content=\"@railscarma\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/person\/5f2228a2dec7549056e709de6eb85d21\"},\"headline\":\"Poodle \u2013 SSL Security Threat Explored\",\"datePublished\":\"2014-11-30T07:29:11+00:00\",\"dateModified\":\"2022-08-30T07:32:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/\"},\"wordCount\":1085,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.railscarma.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg\",\"keywords\":[\"security threats\",\"SSL\",\"sslv3\"],\"articleSection\":[\"Technical Articles\"],\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/\",\"url\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/\",\"name\":\"Poodle: SSL Security Threat Explored - RailsCarma Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.railscarma.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg\",\"datePublished\":\"2014-11-30T07:29:11+00:00\",\"dateModified\":\"2022-08-30T07:32:51+00:00\",\"description\":\"The POODLE attack takes advantage of the protocol version negotiation feature built into SSL\/TLS to force the use of SSL 3.0 and then uses this new vulnerability to decrypt select content within the SSL session\",\"breadcrumb\":{\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage\",\"url\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg\",\"contentUrl\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg\",\"width\":644,\"height\":292},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.railscarma.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Poodle \u2013 SSL Security Threat Explored\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.railscarma.com\/#website\",\"url\":\"https:\/\/www.railscarma.com\/\",\"name\":\"RailsCarma - Ruby on Rails Development Company specializing in Offshore Development\",\"description\":\"RailsCarma is a Ruby on Rails Development Company in Bangalore. We specialize in Offshore Ruby on Rails Development based out in USA and India. Hire experienced Ruby on Rails developers for the ultimate Web Experience.\",\"publisher\":{\"@id\":\"https:\/\/www.railscarma.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.railscarma.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"es\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.railscarma.com\/#organization\",\"name\":\"RailsCarma\",\"url\":\"https:\/\/www.railscarma.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/08\/railscarma_logo.png\",\"contentUrl\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/08\/railscarma_logo.png\",\"width\":200,\"height\":46,\"caption\":\"RailsCarma\"},\"image\":{\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/RailsCarma\/\",\"https:\/\/x.com\/railscarma\",\"https:\/\/www.linkedin.com\/company\/railscarma\/\",\"https:\/\/myspace.com\/railscarma\",\"https:\/\/in.pinterest.com\/railscarma\/\",\"https:\/\/www.youtube.com\/channel\/UCx3Wil-aAnDARuatTEyMdpg\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/person\/5f2228a2dec7549056e709de6eb85d21\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/308867ca6c81f3aba146080c601000087180326f752c4116849ea9f514c6a4fa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/308867ca6c81f3aba146080c601000087180326f752c4116849ea9f514c6a4fa?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/www.railscarma.com\/hire-ruby-on-rails-developer\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Poodle: Se explora la amenaza de seguridad SSL - Blog RailsCarma","description":"El ataque POODLE aprovecha la funci\u00f3n de negociaci\u00f3n de versi\u00f3n del protocolo integrada en SSL\/TLS para forzar el uso de SSL 3.0 y luego utiliza esta nueva vulnerabilidad para descifrar contenido seleccionado dentro de la sesi\u00f3n SSL.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.railscarma.com\/es\/blog\/articulos-tecnicos\/amenaza-a-la-seguridad-ssl-de-poodle-explorada-2\/","og_locale":"es_ES","og_type":"article","og_title":"Poodle: SSL Security Threat Explored - RailsCarma Blog","og_description":"The POODLE attack takes advantage of the protocol version negotiation feature built into SSL\/TLS to force the use of SSL 3.0 and then uses this new vulnerability to decrypt select content within the SSL session","og_url":"https:\/\/www.railscarma.com\/es\/blog\/articulos-tecnicos\/amenaza-a-la-seguridad-ssl-de-poodle-explorada-2\/","og_site_name":"RailsCarma - Ruby on Rails Development Company specializing in Offshore Development","article_publisher":"https:\/\/www.facebook.com\/RailsCarma\/","article_published_time":"2014-11-30T07:29:11+00:00","article_modified_time":"2022-08-30T07:32:51+00:00","og_image":[{"width":644,"height":292,"url":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_creator":"@railscarma","twitter_site":"@railscarma","twitter_misc":{"Escrito por":"admin","Tiempo de lectura":"5 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#article","isPartOf":{"@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/"},"author":{"name":"admin","@id":"https:\/\/www.railscarma.com\/#\/schema\/person\/5f2228a2dec7549056e709de6eb85d21"},"headline":"Poodle \u2013 SSL Security Threat Explored","datePublished":"2014-11-30T07:29:11+00:00","dateModified":"2022-08-30T07:32:51+00:00","mainEntityOfPage":{"@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/"},"wordCount":1085,"commentCount":0,"publisher":{"@id":"https:\/\/www.railscarma.com\/#organization"},"image":{"@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage"},"thumbnailUrl":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg","keywords":["security threats","SSL","sslv3"],"articleSection":["Technical Articles"],"inLanguage":"es","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/","url":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/","name":"Poodle: Se explora la amenaza de seguridad SSL - Blog RailsCarma","isPartOf":{"@id":"https:\/\/www.railscarma.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage"},"image":{"@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage"},"thumbnailUrl":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg","datePublished":"2014-11-30T07:29:11+00:00","dateModified":"2022-08-30T07:32:51+00:00","description":"El ataque POODLE aprovecha la funci\u00f3n de negociaci\u00f3n de versi\u00f3n del protocolo integrada en SSL\/TLS para forzar el uso de SSL 3.0 y luego utiliza esta nueva vulnerabilidad para descifrar contenido seleccionado dentro de la sesi\u00f3n SSL.","breadcrumb":{"@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/"]}]},{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#primaryimage","url":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg","contentUrl":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2014\/11\/POODLE-SSLv3-RC.jpg","width":644,"height":292},{"@type":"BreadcrumbList","@id":"https:\/\/www.railscarma.com\/blog\/technical-articles\/poodle-ssl-security-threat-explored-2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.railscarma.com\/"},{"@type":"ListItem","position":2,"name":"Poodle \u2013 SSL Security Threat Explored"}]},{"@type":"WebSite","@id":"https:\/\/www.railscarma.com\/#website","url":"https:\/\/www.railscarma.com\/","name":"RailsCarma - Empresa de desarrollo Ruby on Rails especializada en desarrollo offshore","description":"RailsCarma es una empresa de desarrollo de Ruby on Rails en Bangalore. Nos especializamos en el desarrollo offshore de Ruby on Rails con sede en EE. UU. e India. Contrate desarrolladores experimentados de Ruby on Rails para disfrutar de la mejor experiencia web.","publisher":{"@id":"https:\/\/www.railscarma.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.railscarma.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Organization","@id":"https:\/\/www.railscarma.com\/#organization","name":"RielesCarma","url":"https:\/\/www.railscarma.com\/","logo":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/www.railscarma.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/08\/railscarma_logo.png","contentUrl":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/08\/railscarma_logo.png","width":200,"height":46,"caption":"RailsCarma"},"image":{"@id":"https:\/\/www.railscarma.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/RailsCarma\/","https:\/\/x.com\/railscarma","https:\/\/www.linkedin.com\/company\/railscarma\/","https:\/\/myspace.com\/railscarma","https:\/\/in.pinterest.com\/railscarma\/","https:\/\/www.youtube.com\/channel\/UCx3Wil-aAnDARuatTEyMdpg"]},{"@type":"Person","@id":"https:\/\/www.railscarma.com\/#\/schema\/person\/5f2228a2dec7549056e709de6eb85d21","name":"administraci\u00f3n","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/www.railscarma.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/308867ca6c81f3aba146080c601000087180326f752c4116849ea9f514c6a4fa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/308867ca6c81f3aba146080c601000087180326f752c4116849ea9f514c6a4fa?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/www.railscarma.com\/hire-ruby-on-rails-developer\/"]}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.railscarma.com\/es\/wp-json\/wp\/v2\/posts\/6492","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.railscarma.com\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.railscarma.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.railscarma.com\/es\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.railscarma.com\/es\/wp-json\/wp\/v2\/comments?post=6492"}],"version-history":[{"count":0,"href":"https:\/\/www.railscarma.com\/es\/wp-json\/wp\/v2\/posts\/6492\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.railscarma.com\/es\/wp-json\/wp\/v2\/media\/32075"}],"wp:attachment":[{"href":"https:\/\/www.railscarma.com\/es\/wp-json\/wp\/v2\/media?parent=6492"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.railscarma.com\/es\/wp-json\/wp\/v2\/categories?post=6492"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.railscarma.com\/es\/wp-json\/wp\/v2\/tags?post=6492"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}