Look out! Three Google researchers published a bug today, causing much of the internet to panic over securing systems. The bug is called POODLE, for “Padding Oracle On Downgraded Legacy Encryption.” Poodle bypasses SSL protections, much like last year’s dreadful HeartBleed, causing some to call it “PoodleBleed.”
Data in transit between a website and a user is protected by SSL, usually seen in the url as a green padlock. However, if compromised, a hacker can intercept data in transit, opening the door to all kinds of technical tomfoolery. Fortunately, POODLE targets SSL 3.0, which is 15 years old, but a few systems still use it. If a system uses 3.0, it seems disaster can be averted by upgrading—and quickly!
Source: The Verge
Come comment on this article: New Poodle Bug Revealed by Researchers
from Android News, Rumours, and Updates http://ift.tt/1vbTpma
No comments:
Post a Comment