Google researchers discover POODLE, an exploit targeting SSL 3.0


Poodle Baxter Olea

Posted on Google’s Online Security Blog, three Google researches have published a report detailing a nasty online security bug they’re calling POODLE (“Padding Oracle On Downgraded Legacy Encryption”). This POODLE attack targets a specific vulnerability in SSL 3.0 which, for the most part, hasn’t been used in over a decade. Even so, it’s still widely supported and is the reason Google is urging all system admins to discontinue support for the protocol.

Also known as Poodlebleed, the attack is similar to the Heartbleed exploit we saw causing a panic around the net earlier this year and allows for hackers to potentially intercept and replace data being sent/received during a “secure” HTTPS session. By publishing the exploit Google not only gives sysadmins a head start in patching everything up, but at the same time, provides all sorts nefarious characters around the net with everything the need to exploit the newly discovered vulnerability. For more info on POODLE, check out Google’s PDF here (download).

For instructions on preventing this SSLV3 fallback in Chrome and Firefox, check out the researcher’s blog post here.

[ImperialViolet.org | via The Verge]

Chris Chavez
I've been obsessed with consumer technology for about as long as I can remember, be it video games, photography, or mobile devices. If you can plug it in, I have to own it. Preparing for the day when Android finally becomes self-aware and I get to welcome our new robot overlords.

Google Glass gets Android Wear-like Notification Sync, update rolls out this week

Previous article

AT&T accidentally lists Nexus 6 on their site (sort of)

Next article

You may also like


  1. Should’ve used the Weird Al ‘Poodle Hat’ album cover, although I guess you guys probably don’t have rights for that :)

    1. Yes for the Weird Al idea. Most people are too embarrassed or indifferent to even acknowledge that he’s awesome.

  2. Way to post a picture of a terrier instead of a poodle…

    1. Sorry but this is 100% a toy poodle purebred.

Leave a reply

Your email address will not be published. Required fields are marked *