
Google security researchers have published details about a major security flaw found in the SSL protocol that is used to encrypt data transferred between your browser and a web server. SSL is typically used in situations where logon credentials are validated or when other confidential information is exchanged (e.g. online banking). The exploit Google discovered works by taking advantage of two vulnerabilities. 1. Manipulate your web browser into using an old version of the SSL protocol. 2. Using a known exploit in the old version to essentially decrypt the encrypted traffic.