Thursday, October 16, 2014

Google uncovers vulnerability in SSL web encryption technology


Three Google researchers have reportedly discovered a security bug in widely used web encryption technology that can be used by hackers to take over email accounts, banking accounts and other services. The bug has been named Poodle and stands for Padding Oracle On Downloaded Legacy Encryption.




The revelation has prompted browsers to issue advises asking users to disable use of the source of the security bug: an 18-year old encryption standard known as SSL 3.0, reported The Huffington Post. This is the third time in a year that researchers have uncovered a bug in the web technology following April's "Heartbleed" bug in OpenSSL and last month's "Shellshock" bug in a piece of Unix software known as Bash. However, the report said that the vulnerability is not as complicated and dangerous as the last two.