Poodle encryption security vulnerabilities allow hackers to have an opportunity

March 7, 2017

[global technology Roundup] according to the British "Daily Telegraph" reported in October 15th three, Google researchers found a new Internet vulnerability — "poodle", the vulnerability of network access through that encrypted data, let hackers access to the user’s bank account, email and other services.

after the "bleeding heart" and "Shellshock" vulnerability, this is the year that third Internet vulnerabilities, but the American research institutions – qualys application security director Chris Dick said the risk of less than two, but the program is more complex and has. The principle of the vulnerability attack is to use the system down to the trend of SSL3.0 security, and then steal the browser information recording program (ie, cookies).

, the US Department of homeland security network consultant Moss said, hackers must attack the "middle man" to take advantage of the loopholes, such as public Wi-Fi hotspots some cafes is particularly vulnerable to "poodle" attack.

to address this vulnerability, both Internet browsers and web sites must be reconfigured to avoid using SSL3.0. But Green, a research assistant professor of computer science at the Johns Hopkins University, says it is not easy for some computers to do so. Internship compile: Zhang Jiaying reviewer: Chen Wei)

Leave a Reply

Your email address will not be published. Required fields are marked *