Security experts warn of ‘POODLE’ attack against SSL 3.0

Google researchers have found a severe flaw in an obsolete but still used encryption software, which could be exploited to steal sensitive data.

The flaw in SSL 3.0 is more than 15 years old but is still used by modern web browsers and servers. SSL stands for “Secure Sockets Layer,” which encrypts data between a client and server and secures most data sent over the Internet.

Bodo Möller, Thai Duong and Krzysztof Kotowicz of Google developed an attack called “POODLE,” which stands for Padding Oracle On Downgraded Legacy Encryption, according to their research paper.

To read this article in full or to leave a comment, please click here

Read more: Security experts warn of ‘POODLE’ attack against SSL 3.0

Story added 15. October 2014, content source with full text you can find at link above.