This article is more than 1 year old
UK banks ill-prepared for return of the rabid POODLE
Only 4,096 requests needed to uncover a 16-character cookie
The latest evolution of a high-profile security flaw potentially exposes UK banks' web site traffic to eavesdropping.
The POODLE (Padding Oracle On Downgraded Legacy Encryption) security flaw first surfaced in October and was thought to affect only the obsolete - but still widely used - Secure Sockets Layer (SSL) 3.0 crypto algorithm. Researchers revealed last week that the POODLE flaw also affects versions of TLS (short for Transport Layer Security).
"A successful attack will use about 256 requests to uncover one cookie character, or only 4096 requests for a 16-character cookie. This makes the attack quite practical," he warned.
Qualys, through SSL Labs, has developed a free scanning tool designed to allow website owners a means to check their website for cryptographic problems, including, but not limited to, POODLE.
A review of UK banking website using Qualys’s SSL/TLS scanning tool shows that many are vulnerable to POODLE, including RBS (max: TLSv1, min: SSLv3); OneAccount (max: TLSv1, min: SSLv3); HSBC (max: TLSv1, min: SSLv3); Halifax (max: TLSv1, min: SSLv3); NatWest (max: TLSv1, min: SSLv3); Cooperative Bank (only TLSv1); Barclays (max: TLSv1.2, min: SSLv3); Tesco Bank (max: TLSv1, min: SSLv3) and Santander (max: TLSv1.2, min: TLSv1).
"Security (transport-layer or otherwise) at nearly all major UK banks is pretty abysmal," security consultant Paul Moore told El Reg.
"TLSv1 alone is 15 years old and of the above, only Santander supports the strongest protocols. That gives you some insight into how antiquated our banking system really is," he added.
Qualys estimates that around 10 per cent of web servers are vulnerable to the POODLE attack against TLS.
A hostile attacker might be able to exploit the POODLE bug to to unwrap the contentions of an encrypted transmission, leaving passwords, login cookies and other sensitive data open to wiretapping.
Disabling SSL 3.0 support in web applications is recommended since there's no patch as such, as an advisory by US CERT explains. The same researchers who unearthed the Poodle vulnerability have however been able to develop a fix for TLS-based systems.