
Apple.com Gets F in SSL Test, vulnerable to zombie POODLE - dcu
https://www.ssllabs.com/ssltest/analyze.html?d=apple.com&latest
======
AdamJacobMuller
this is testing apple.com which is just a redirect to www.apple.com which has
an A+:
[https://www.ssllabs.com/ssltest/analyze.html?d=www.apple.com](https://www.ssllabs.com/ssltest/analyze.html?d=www.apple.com)

It's not an excellent situation and they should fix it, but, its not as
terrible a situation as if this was on www.apple.com

------
d1str0
It’s clearly not Apple.com, it’s appleid.org

~~~
lern_too_spel
Both belong to Apple and are vulnerable to Zombie POODLE.
[https://www.ssllabs.com/ssltest/analyze.html?d=apple.com&s=1...](https://www.ssllabs.com/ssltest/analyze.html?d=apple.com&s=17.142.160.59)

~~~
theandrewbailey
> SSL Labs will start giving “F” grade to the server affected by these
> vulnerabilities from end of May 2019.[0]

This is due to the server supporting cipher block chaining (CBC) cipher modes.
Almost everyone has been moving towards Galois counter mode (GCM) ciphers for
several years.

[0] [https://blog.qualys.com/technology/2019/04/22/zombie-
poodle-...](https://blog.qualys.com/technology/2019/04/22/zombie-poodle-and-
goldendoodle-vulnerabilities)

~~~
kayfox
Do they even test for the vulnerability? The blog post is unclear.

