Google uncovers Poodle flaw in Web encryption standard
Poodle security bug in web encryption SSL 3.0 allows hackers to steal data from email accounts, bank accounts and social networking sites. Google security engineers have uncovered a major vulnerability dubbed Poodle in Web encryption standard SSL 3.0. The bug makes browsers susceptible to hacking, but researchers state that it is not as harmful as Heartbleed or Shellshock bugs. Google security engineers Bodo Möller, Krzysztof Kotowicz and Thai Duong stated in a report that POODLE is a new security hole in Secure Socket Layer (SSL) 3.0 that makes the 15-year-old protocol impossible to use safely and upgrading it will be difficult. “Poodle” stands for Padding Oracle On Downloaded Legacy Encryption. Security experts stated that the bug could allow hackers to steal browser “cookies,” but was not very serious. Ivan Ristic, director of application security research with Qualys and an expert in SSL stated, “It’s quite complicated. It requires the attacker to have a pri