‘FREAK’ security flaw exposes Apple/Google device users to hacks

‘FREAK’ security flaw exposes Apple/Google device users to hacks

In a highly noteworthy disclosure this week, security researchers have exposed a security vulnerability dubbed 'FREAK' - short for 'Factoring attack on RSA-EXPORT Key' - which can potentially be exploited by hackers to crack a 512-bit encryption key.

According to the researchers, the FREAK security flaw poses a potential hacking risk for some Apple and Google device users even when they visit certain purportedly secure websites, including government pages.

Revealing that the FREAK security vulnerability dates back more than 10 years, researchers said that the vulnerability exposes users of Safari and Android browsers to man-in-the-middle attacks when they surf various websites which are considered secure.

Going by the details shared by the researchers who discovered the FREAK security bug, the main target of FREAK is the deliberately weak export cipher suites which were introduced in the 1990s "under the pressure of US government agencies to ensure that the NSA would be able to decrypt all foreign encrypted communication."

Further adding that several US government agencies - including the NSA and the FBI - as well as numerous other popular websites, like IBM and Symantec, enable export cipher suites on their servers, the researchers said on their Freakattack. com website: "If a server is willing to negotiate an export ciphersuite, a man-in-the-middle may trick a browser (which normally doesn't allow it) to use a weak export key."

Houston News

Health News

Short Naps improve Memory: Study

A study has found that short naps could be helpful in improving memory. After a short nap, one...