Newly Discovered POODLE Vulnerability Exploits Flaw In SSL Web Encryption

Chuck Bednar for redOrbit.com – Your Universe Online
Three Google security engineers have discovered a new vulnerability in Secure Sockets Layer (SSL) version 3.0 that reportedly makes the 15-year-old encryption protocol still used by websites and Web browsers unsafe to use.
In their report, authors Bodo Möller, Krzysztof Kotowicz and Thai Duong explain that a Padding Oracle On Downgraded Legacy Encryption (POODLE) attack lets an attacker force browsers to downgrade to SSL 3.0 and then steal “secure” HTTP cookies and other data.
As CNET’s Seth Rosenblatt explains, the attack essentially lets hackers circumvent the encryption protocol, and POODLE will continue to be an issue as long as SSL 3.0 is supported. While the safer, newer Transport Layer Security (TLS) protocol is more commonly used, websites and browsers revert to SSL 3.0 when they encounter errors with TLS.
Russell Brandom of The Verge notes that POODLE targets the same protocol as Heartbleed, but is “not as serious or as far reaching” as that bug. Nonetheless, he added, security experts are urging system administrators to discontinue support for the protocol, which “should be sufficient to prevent” POODLE-based attacks.
“Disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0, is sufficient to mitigate this issue, but presents significant compatibility problems, even today,” Möller explained in a blog entry Tuesday. “Therefore our recommended response is to support TLS_FALLBACK_SCSV. This is a mechanism that solves the problems caused by retrying failed connections and thus prevents attackers from inducing browsers to use SSL 3.0.”
“It also prevents downgrades from TLS 1.2 to 1.1 or 1.0 and so may help prevent future attacks,” he continued, noting that Google servers and the company’s Chrome browser had “supported TLS_FALLBACK_SCSV since February and thus we have good evidence that it can be used without compatibility problems. Additionally, Google Chrome will begin testing changes today that disable the fallback to SSL 3.0.”
Doing so would cause some websites to break, meaning that those pages would need to be updated ASAP, Möller added. He also said that over the next few months, Google hopes to completely remove SSL 3.0 support from its client products. Following the release of the report, Mozilla announced that it had plans in place to remove support for the outdated protocol from the next version of its Firefox browser, which is due out November 25.
The code to disable it would be “landing today” and would be promoted to Beta status “in the next few weeks,” Mozilla security engineer Richard Barnes wrote in a blog post. “This timing is intended to allow website operators some time to upgrade any servers that still rely on SSLv3. As an additional precaution, Firefox 35 will support a generic TLS downgrade protection mechanism known as SCSV. If this is supported by the server, it prevents attacks that rely on insecure fallback.”
“For users who don’t want to wait till November 25th (when SSLv3 is disabled by default in Firefox 34), we have created the SSL Version Control Firefox extension to disable SSLv3 immediately,” he added. “Website operators should evaluate their traffic now and disable SSLv3 as soon as compatibility with legacy clients is no longer required.”
According to Rosenblatt, a recent study found that less than 0.3 percent of communication between websites and servers required use of SSL 3.0, and just 0.42 percent of the top one million domains on Alexa even use it occasionally. Barnes added that the only web browser that does not support the newer TLS is Microsoft’s Internet Explorer 6.
“We realize that many sites still receive traffic from IE6 and cannot disable SSLv3 entirely,” the Mozilla security engineer said. “Those sites may have to maintain SSLv3 compatibility, and should actively encourage their users to migrate to a more secure browser as soon as possible.”
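The server-side check behind the TLS_FALLBACK_SCSV mechanism quoted above can be sketched as follows. This is an added example, not code from Google, Mozilla or the report: the function names and sample handshakes are constructed, the code point 0x5600 and alert 86 are the values later standardized in RFC 7507, and the server is assumed to support every version up to `server_max`.

```python
import struct

TLS_FALLBACK_SCSV = 0x5600         # signalling cipher suite value (RFC 7507)
INAPPROPRIATE_FALLBACK = 86        # fatal alert description (RFC 7507)
SSL30, TLS10, TLS12 = 0x0300, 0x0301, 0x0303

def parse_client_hello(body: bytes):
    """Return (client_version, cipher_suites) from a ClientHello body."""
    if len(body) < 35:
        raise ValueError("truncated ClientHello")
    (version,) = struct.unpack_from("!H", body, 0)
    pos = 2 + 32                               # skip version + random
    pos += 1 + body[pos]                       # skip session_id
    if pos + 2 > len(body):
        raise ValueError("truncated ClientHello")
    (cs_len,) = struct.unpack_from("!H", body, pos)
    pos += 2
    if cs_len % 2 or pos + cs_len > len(body):
        raise ValueError("bad cipher_suites length")
    return version, list(struct.unpack_from(f"!{cs_len // 2}H", body, pos))

def server_decision(body: bytes, server_max: int = TLS12):
    """Apply the server-side fallback check to one ClientHello."""
    version, suites = parse_client_hello(body)
    # The SCSV means "this is a retry at a lower version". If the server
    # could have done better, something interfered with the first attempt.
    if TLS_FALLBACK_SCSV in suites and version < server_max:
        return ("alert", INAPPROPRIATE_FALLBACK)
    return ("negotiate", min(version, server_max))

def build_client_hello(version: int, suites: list) -> bytes:
    """Build a constructed sample ClientHello body (zero random, no session)."""
    cs = struct.pack(f"!{len(suites)}H", *suites)
    return (struct.pack("!H", version) + bytes(32) + b"\x00"
            + struct.pack("!H", len(cs)) + cs + b"\x01\x00")

# Constructed samples: 0xC02F and 0x002F are ordinary AES cipher suites.
FIRST_TRY = build_client_hello(TLS12, [0xC02F, 0x002F])
DOWNGRADED_RETRY = build_client_hello(SSL30, [0x002F, TLS_FALLBACK_SCSV])
LEGACY_CLIENT = build_client_hello(SSL30, [0x002F])

if __name__ == "__main__":
    for name, hello in [("first try", FIRST_TRY),
                        ("downgraded retry", DOWNGRADED_RETRY),
                        ("legacy SSL 3.0 client", LEGACY_CLIENT)]:
        print(f"{name:22} -> {server_decision(hello)}")
```

The third sample shows that a client which only ever offers SSL 3.0 and never sends the SCSV is still served, so the check rejects forced retries without cutting off legacy clients that the server chooses to keep supporting.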