The POODLE Bites Again - The New Variation Of The SSL 3.0 Vulnerability

Do you know what POODLE is?

POODLE is the acronym for a security flaw, which means Padding Oracle On Downgraded Legacy Encryption. The community of computer security specialists had some exciting times in the middle of October, when it was discovered. It was found in SSL 3.0 (Secure Sockets Layer version 3.0), which has been used since 1996 by many websites to guard their communication with customers. Well, security researchers have something to talk about again, because POODLE is back.

While the POODLE bug was thought to only work on SSL 3, it appears that it affects certain implementations or versions of TLS (Transport Layer Security) protocol, which is a widely used encryption standard, somewhat similar to SSL. In fact, using POODLE to attack TLS 1.0 – 1.2 protocols was even discovered to be easier to initiate, requiring less steps than an attack on SSL 3.0.

It is popular to assume that if the domain of a website starts with “https://“, the information user sends to that website cannot be intercepted. POODLE makes it so that websites that use SSL 3.0 or certain versions of TLS are vulnerable to decryption and extraction of information that is being sent and received over the Internet. This could include any sort of data that helps to impersonate the real user later, like cookies, passwords, etc.

Understandably, computer users should now be especially careful while using online banking services. If you use an online banking or other website, which encrypts data with SSL 3.0, and requires you to enter sensitive information, you could come to serious harm. That is assuming that your bank or other web pages did not remove their vulnerability to the POODLE bug.

If you want to check if your bank or other websites you frequent are safe to use, there are free scanning tools available online. Banking giants, like Bank of America, Citibank, or HSBC were vulnerable as of the 11th of December. Using unsafe websites on public networks, like free Wi-Fi hotspots at coffee shops could prove to be disastrous, as the bug is proven to be much easier to take advantage of when the attacker is on the same network as the victim.

The best way to not be taken advantage of by any attacker using the POODLE bug is to keep your Internet browser updated and never use websites that could transmit your important passwords and other data in public. Also, making sure that SSL 3.0 support is disabled on your web browser is a very good idea. Most browser developer plan to stop supporting SSL 3.0, or already have done this. The best method to prevent your data from being stolen, though, is to be vigilant until vulnerable sites fix their vulnerability on the server side. Just try to be careful with the information you send over unprotected networks to websites that are vulnerable to POODLE.

In non-techie terms:

POODLE is a serious vulnerability, affecting SSL 3.0 and certain TSL encryption protocol versions. It works by allowign the attacker to work as a middle-man to intercept sensitive data, like passwords, that is being sent to the website host if his security is vulnerable to POODLE. The best way to prevent harm by POODLE is to never send sensitive data on public networks and to be careful when using vulnerable websites in private.

Tags: .