We're Not Afraid of POODLE
Eric Tompkins
in Maintenance & Outages
A few weeks ago some Google researchers published about a security bug within SSL. Their report describes an attack cutely called POODLE ("Padding Oracle On Downgraded Legacy Encryption"). Essentially the vulnerability lets an attacker circumvent SSL protections and intercept and possibly replace data.
The nice thing, though, is that this vulnerability is only in older versions of SSL, namely…