Webopedia on Google+Webopedia on TwitterWebopedia on FacebookTech Bytes Blog
Main » TERM » S »

SSL BEAST

Short for Browser Exploit Against SSL/TLS, SSL Beast is an exploit first, revealed in late September 2011, that leverages weaknesses in cipher block chaining (CBC) to exploit the Secure Sockets Layer (SSL) protocol. The CBC vulnerability can enable man-in-the-middle (MITM) attacks against SSL in order to silently decrypt and obtain authentication tokens, providing hackers with access to the data passed between a Web server and the Web browser accessing the server.

While SSL BEAST attacks affect only the Transport Layer Security (TLS) 1.0 version of SSL and not later versions such as TLS 1.1 and 1.2, TLS 1.0 remains the overwhelmingly predominant version used by both Web servers and browsers. Following a Javascript-based demonstration of the SSL BEAST attack by researchers Juliano Rizzo and Thai Duong, developers of Google Chrome and other major Web browsers started taking steps to create workarounds for mitigating the risks of SSL BEAST attacks.







TECH RESOURCES FROM OUR PARTNERS
DID YOU KNOW?
What You Don't Read Can Hurt You

Does this sound familiar? An online service promises to help your small business cut costs, increase productivity, make your coffee and walk your... Read More »

Who's Moving Ahead in Cloud Computing?

The future remains, well, cloudy. But either way: Amazon, look out. Microsoft is gaining fast. Read More »

We Can't Give Up on Privacy!

Even new and emerging technologies that can make our lives easier, safer and healthier can jeopardize our privacy. Read More »

QUICK REFERENCE
Webopedia Polls

The trend for the past two years has been for shoppers to spend more online during the holiday season. How do you typically shop for holiday... Read More »

How to Create a Desktop Shortcut to a Website

This Webopedia guide will show you how to create a desktop shortcut to a website using Firefox, Chrome or Internet Explorer (IE). Read More »

Flash Data Storage Vendor Trends

Although it is almost impossible to keep up with the pace of ongoing product releases, here are three recent highlights in the flash data storage... Read More »