‘FREAK attack’ Security Flaw Makes iOS and Android Devices Vulnerable to Hackers
Thanks to a newly discovered security flaw, millions of users surfing through mobile browsers of two top companies are now vulnerable to hackers. Codenamed as FREAK (Factoring RSA Export Keys) attack, the flaw allows hackers to intercept the electronic communication of Apple’s Safari and Andriod browsers from Google.
As of now, researchers haven’t found any evidence of the flaw being exploited by any hacker, but the companies don’t wish to take a chance. The internet search giant, as well as Apple, are working in a direction to fix it.
According to the researchers, the problem has its roots in a decade-old U.S. government policy that prevents consumers from having access to secure encryption.
[quote text_size=”small” author=”Edward Felten” author_title=”Professor of Computer Science and Public Affairs at Princeton”]
This was a policy decision made 20 years ago and it’s now coming back to bite us.
The flaw is caused by poor implementation of the encrypted link between browsers and the websites visited by users. Researchers also found out that they could attack from websites that are considered secure, and make them use weaker encryption for easy hacking. These websites can range from official US government sites like Whitehouse.gov, NSA.gov and FBI.gov to banks.
Meanwhile, Apple has clarified that it will provide a software update to address the vulnerability by next week, while the former on will share the same through device makers and wireless carriers.