Asking this partly for confirmation of my own thoughts on this, and also as a "public service" type thing to help inform those that haven't heard about it as yet.
There's a "new" (or more correctly "newly widely-known") exploit which has recently been announced, relating to SSL3 connections to/from devices/servers etc. See the link below for the latest info on it, if you're interested/possibly affected. In short, it requires both server and the browser being used to have SSL 3 enabled, AND it requires someone wanting to exploit the vulnerability to intercept and change the network traffic in-between the browser and server. How likely this is to happen, I'm not sure.
So, a question for the Pharos staff - are any Pharos devices or services potentially affected by this?