HiTech Terms: What are the Poodle Bug and SSL attacks?

PRIVACY ANS SECURITY POP QUIZ copy (2)

The Poodle bug is a security vulnerability that attacks internet transmission and authentication.  These securities are called SSL vulnerability.  SSL refers to encryption technology used to connect and transmit information over the internet.  SSL is   not the only type of encryption used for transmitting and internet authentication.  There is a new technology called TLS that is not susceptible to these bug attacks.

Who comes up with these names? Poodle is actually an acronym.  It stands for Padding Oracle on Downgraded Legacy Encryption.  Poodle was discovered by Google Researchers as was the bleeding heart bug. http://www.ft.com/cms/s/0/1896882a-53f6-11e4-8285-00144feab7de.html#axzz3rBgCMi1x

 

Other  SSL vulnerabilities include the bleeding heart and Freak bugs.

  • The bleeding heart bug can extract passwords, private keys, and other confidential data from servers used for banking, shopping, and e-mail.
  • The Freak bug can break or crack encryption keys.  Once an encryption key is broken, the data may be exposed unencrypted.
  • The Poodle allows the stealing of HTTP cookies or HTTP Authorization headers.  HTTP Authorization headers are like credentials or ID for a website.  It is like a computer or phone driver’s license on the internet.  It is a form of ID used to verify the identity of a device or user.  Stealing an HTTP Authorization header is like stealing an internet driver’s license. With stolen HTTP Authorization header, wrongdoers can pass off information as you work on websites or networks.

Discover why pictures may harm your computer.  Click here or go to http://wp.me/p4bsis-1jw

Watch our blawg for information about how to protect yourself from the Poodle and other bugs.  We are writing a post covering the topic.

Leave a Reply

Your email address will not be published. Required fields are marked *

Post Navigation