Google researchers reveal new Poodle bug, putting the web on alert

A trio of Google researchers published a troubling bug today, sending much of the web into panic mode to ensure systems were adequately secure. The report describes a POODLE attack (short for “Padding Oracle On Downgraded Legacy Encryption”) that would effectively circumvent SSL protections, the same protocol targeted by Heartbleed earlier this year. This bug, also known as “Poodlebleed,” is not as serious or as far-reaching as Heartbleed, but has still raised alarms in the research community.

Also known as “Poodlebleed”

SSL protects data in transit between a website and a user, usually indicated by a green padlock icon and an HTTPS url. If SSL is compromised, a sophisticated attacker could intercept and replace data in transit,…

Continue reading…

The Verge – All Posts

Leave a Comment