New Poodle Bug Revealed by Researchers

October 15, 2014

Editorial Note: Talk Android may contain affiliate links on some articles. If you make a purchase through these links, we will earn a commission at no extra cost to you. Learn more.

Vicious Poodle Look out! Three Google researchers published a bug today, causing much of the internet to panic over securing systems. The bug is called POODLE, for “Padding Oracle On Downgraded Legacy Encryption.” Poodle bypasses SSL protections, much like last year's dreadful HeartBleed, causing some to call it “PoodleBleed.”

Data in transit between a website and a user is protected by SSL, usually seen in the url as a green padlock. However, if compromised, a hacker can intercept data in transit, opening the door to all kinds of technical tomfoolery. Fortunately, POODLE targets SSL 3.0, which is 15 years old, but a few systems still use it. If a system uses 3.0, it seems disaster can be averted by upgrading—and quickly!

Source: The Verge

Alex Cobb Author

Alex is a student at Appalachian State University majoring in Computer Science. When he's not coding or tinkering with his tech devices, he enjoys exercise and playing music. He is currently trying to start many different businesses in hopes of making it big as an entrepreneur, from fixing and selling phones to crafting herbal teas. Alex's first smartphone was a Droid Bionic, and he's been rapidly jumping from device to device through the years. He also has a Nexus 7 (2012) as his small tablet of choice. Alex considers himself an avid Android Evangelist, converting Apple users to the superior operating system whenever he gets the chance.

1 comment

disqus_LIL0PrKFKY says:

October 24, 2014 at 8:47 PM

60% of my spam is from compromised accounts which seem to trace to Mobile devices that are used in Hotspots, public Wi-Fi, this makes this attack a real problem.
No idea how to disable SSL3 and revert to SSL2 on my Samsung Note 2?

Reply