The POODLE Bug: Reasons for You to Worry about Security?

The POODLE bug, technically known as CVE­-2014­-3566, is the latest ‘discovery’ by the security experts in the world of computers and internet. In fact, the credit for discovering the bug goes to three Google engineers. The threesome found out the vulnerability in the SSL v3.

POODLE Bug

After Heartbleed, the POODLE bug is the next big thing to be discovered. It needs to be known at what intensity the POODLE may strike you. For that you should be acquainted with SSL. So, let us first run through SSL.

More about POODLE Bug

POODLE stands for Padding Oracle On Downgraded Legacy Encryption. The POODLE bug is an error in the security in SSL 3.0. If conditions develop in favor of the POODLE, it can break open in the security system. This simply means, with the help cookies, an attacker can get hold of your session cookies.

The Risk

No one wants to neither hear this nor face it and it needs little mention what the hacker can do if the session cookies go in his hands. If you are accessing you bank accounts through your PC, it is possible that this information can be in the hands of the attacker. Your email accounts, social networking accounts, blah blah blah, everything suddenly comes.

Also Read: Heartbleed Bug: What Is It And How To Stay Protected?

Secure Sockets Layer (SSL)

SSL is also popularly known as Secure Sockets Layer. For those who do not know, SSL is a service for encrypting your internet communication. It is vital in the security point of view so your data remains safe and doesn’t reach unwanted hands.

The most sensitive data happens to be your debit and credit card details that you use for online shopping. Moreover, internet banking and accessing a bank’s website from your personal computer has become a household activity today. This is where SSL comes in the picture and safeguards your communication to and fro.

POODLE-bug

So, Does The POODLE Bug Affect The SSL Too?

That’s a valid question. Actually, SSL is nearing its completion of two decades in the industry – 18 years to be specific. The current version is the SSL 3.0 being used these days. But, it must be mentioned that there are even better encryption expertise available.

Related: New Security Flaw in Internet Explorer

We are speaking about TLS (Transport Layer Security). Even if TLS is better than SSL 3.0, the reach and use of the former encryption service is spread far and wide. It is estimated that more than 90% of browsers still support SSL 3.0, however, the service is used in only about 1% of traffic.

How Dangerous Can the POODLE Bug for You Be?

Though a security glitch is a security glitch, there is nothing much to worry about. The attacker who wants to exercise POODLE for attacking has to be between the site you are visiting and you. The highest possibility of this to happen is when you are using an unsecured public Wi-Fi network.

So, What’s The Way Out?

If you are not sure of what action you need to take, the solution is simple enough. As mentioned above, you are vulnerable if the internet is accessed through unsecured Wi-Fi. So, make sure you aren’t using unsecured Wi-Fi network.

Secondly, make sure you have configured your browser for auto updates. So, your web browser will also remain up-to-date.

The POODLE bug is the hot topic these days. We will keep giving the latest information as and when available.

Post Comment

CommentLuv badge