Poodle bug bites web users in the SSL

Google researchers have released details of a new SSL bug, dubbed Poodle, which leaves plain-text data in transit over a secure connection vulnerable to attackers.

The bug only affects SSL 3, a 15-year-old encryption protocol, which the researchers refer to as “obsolete and insecure” in their full report (PDF).

However, while it’s theoretically been replaced by TLS, most browsers still support the older protocol.

“In order to work around bugs in HTTPS servers, browsers will retry failed connections with older protocol versions, including SSL 3,” said Bodo Möller, of the Google Security Team.

Poodle, short for “Padding Oracle On Downgraded Legacy Encryption”, exploits this backward-compatibility.

“Because a network attacker can cause connection failures, they can trigger the use of SSL 3 and then exploit this issue,” he explained.

If they succeed, the traffic exchanged over the encrypted connection can be intercepted and read.

As bad as Heartbleed?

The good news is, Poodle is nowhere near as serious as Heartbleed, the bug discovered in OpenSSL earlier this year, or ShellShock.

Nick Sullivan, head of security engineering at Cloudflare, told the Financial Times that, unlike these two vulnerabilities, most financial institutions already have fallback to SSL 3 disabled, so online banking, and indeed the banks themselves, shouldn’t be open to attack.

However, he did say that a particularly “dedicated hacker” could exploit the bug on the vast majority of websites, providing the victim was using a public Wi-Fi network and malicious code had already been inserted into the site.

The fact that the attack requires a forced downgrade to SSL 3 does mean there are some immediate ways to combat the Poodle bug.

“Disabling SSL 3 support, or CBC-mode ciphers with SSL 3, is sufficient to mitigate this issue, but presents significant compatibility problems, even today,” said Möller.

“Therefore our recommended response is to support TLS_FALLBACK_SCSV. This is a mechanism that solves the problems caused by retrying failed connections and thus prevents attackers from inducing browsers to use SSL 3,” he explained.

Google believes TLS_FALLBACK_SCSV can be used without compatibility problems, as it’s been supported by both Chrome and the company’s servers since February.
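The retry behaviour and the TLS_FALLBACK_SCSV check described above can be modelled without speaking real TLS. The following Python simulation is an added example, not code from Google or the report: `Server`, `connect` and `attacker_drops_above` are hypothetical names, the network interference is a constructed condition, and the values 0x5600 and alert 86 are those defined for the mechanism in RFC 7507.

```python
from dataclasses import dataclass

SSL3, TLS10, TLS11, TLS12 = 0x0300, 0x0301, 0x0302, 0x0303
TLS_FALLBACK_SCSV = 0x5600       # signalling cipher suite value (RFC 7507)
INAPPROPRIATE_FALLBACK = 86      # fatal alert code (RFC 7507)


class HandshakeFailure(Exception):
    """Raised by the simulated server when it sends a fatal alert."""


@dataclass
class Server:
    max_version: int     # highest protocol version this server supports
    honours_scsv: bool   # True if the server implements the SCSV check

    def hello(self, client_version, cipher_suites):
        # SCSV present while the server supports something newer than the
        # client offered: the retry was unnecessary, so refuse the handshake.
        if (self.honours_scsv and TLS_FALLBACK_SCSV in cipher_suites
                and client_version < self.max_version):
            raise HandshakeFailure(INAPPROPRIATE_FALLBACK)
        return min(client_version, self.max_version)


def connect(server, client_sends_scsv, attacker_drops_above=None):
    """Simulate the browser retry loop; return the negotiated version or None."""
    for attempt, version in enumerate([TLS12, TLS11, TLS10, SSL3]):
        # Constructed condition: handshakes above this version fail in
        # transit, so the client retries with the next lower version.
        if attacker_drops_above is not None and version > attacker_drops_above:
            continue
        suites = [0x002F]  # placeholder offer: TLS_RSA_WITH_AES_128_CBC_SHA
        if client_sends_scsv and attempt > 0:
            suites.append(TLS_FALLBACK_SCSV)  # mark this hello as a retry
        try:
            return server.hello(version, suites)
        except HandshakeFailure:
            return None  # fatal alert: stop instead of downgrading further
    return None


if __name__ == "__main__":
    for scsv in (False, True):
        got = connect(Server(TLS12, scsv), scsv, attacker_drops_above=SSL3)
        print(f"SCSV on both sides={scsv}: negotiated={got}")
```

The last case in the model worth noting is a server whose real maximum is SSL 3: the retry carries the SCSV but is accepted, which is why the mechanism avoids the compatibility problems of disabling SSL 3 outright.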

Chrome is also now testing changes that disable the fallback to SSL 3. Möller warned that this will break some sites, which will need to be updated quickly.

Mozilla has also announced that SSL 3 will be disabled by default in the next version of its browser, Firefox 34, which will be released on 25 November. Firefox 35, when it comes out, will support TLS_FALLBACK_SCSV as well.

For those who don’t wish to wait for the update, Firefox has created an SSL version control extension, which can be downloaded here.

If you’re using Chrome or Internet Explorer, the University of Michigan has published details of how to disable SSL 3 immediately here.
