Here we go again: Google discloses details on new SSL vulnerability, Poodle

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now

Google today came forward with details on a new issue regarding the SSL protocol, just a few months after the Heartbleed incident brought SSL into the spotlight.

“This vulnerability allows the plaintext of secure connections to be calculated by a network attacker,” Bodo Möller, of the Google Security Team, wrote in a blog post today. “I discovered this issue in collaboration with Thai Duong and Krzysztof Kotowicz (also Googlers).”

The name of the attack: Padding Oracle On Downgraded Legacy Encryption, or POODLE.

One potential workaround: disabling the use of version 3.0 of SSL.

AI Scaling Hits Its Limits

Power caps, rising token costs, and inference delays are reshaping enterprise AI. Join our exclusive salon to discover how top teams are:

Turning energy into a strategic advantage
Architecting efficient inference for real throughput gains
Unlocking competitive ROI with sustainable AI systems

Secure your spot to stay ahead: https://bit.ly/4mwGngO

“In the coming months, we hope to remove support for SSL 3.0 completely from our client products,” Möller wrote.

Details on the vulnerability can be found here.

Daily insights on business use cases with VB Daily

If you want to impress your boss, VB Daily has you covered. We give you the inside scoop on what companies are doing with generative AI, from regulatory shifts to practical deployments, so you can share insights for maximum ROI.

Read our Privacy Policy

Thanks for subscribing. Check out more VB newsletters here.

An error occured.

The insights you need without the noise