Security flaw from the ‘90s is still a problem today

Security flaw from the '90s is still a problem today

The flaw leaves Apple and Android users vulnerable

According to reports, a security flaw from the ‘90s has recently been discovered that leaves users vulnerable to cyberattacks today. A team of cryptographers has named the weakness “Factoring attack on RSA-EXPORT Key” or FREAK for short. It leaves everyone who uses Safari on Mac and iOS devices as well as Android’s stock browser vulnerable to hacking when they visit secure websites, such as those of the U.S. government.

This stems from a decision made in the ‘90s when the government required weaker encryption on websites for those who were attempting to access them from outside the U.S., thus allowing the NSA to access those communications more easily.

Eventually the government got rid of this requirement, but the encryption was already built from the ground-up into many different software applications which are still used today.

Researchers from Johns Hopkins have proved that this weakness can be used to steal a visitor’s personal information, as well as hack into the website itself. They can’t say whether anyone has already exploited the flaw, but Apple and Google are currently working on a patch regardless.

About the Author

Matt Holden is an Associate Content Editor for 1105 Media, Inc. He received his MFA and BA in journalism from Ball State University in Muncie, Indiana. He currently writes and edits for Occupational Health & Safety magazine, and Security Today.

  • Ahead of Current Events Ahead of Current Events

    In this episode, Ralph C. Jensen chats with Dana Barnes, president of global government at Dataminr. We talk about the evolution of Dataminr and how data software benefits business and personnel alike. The Dataminr mission is to keep subscribers up-to-date on worldwide events in case of employee travel. Barnes recites Dataminr history and how their platform works. With so much emphasis on cybersecurity, Barnes goes into detail about his cybersecurity background and the measures Dataminr takes to ensure safe and secure implementation.

Digital Edition

  • Environmental Protection
  • Occupational Health & Safety
  • Spaces4Learning
  • Campus Security & Life Safety