Security flaw from the '90s is still a problem today
The flaw leaves Apple and Android users vulnerable
- By Matt Holden
- Mar 04, 2015
According to reports, a security flaw from the ‘90s has recently been discovered that leaves users vulnerable to cyberattacks today. A team of cryptographers has named the weakness “Factoring attack on RSA-EXPORT Key” or FREAK for short. It leaves everyone who uses Safari on Mac and iOS devices as well as Android’s stock browser vulnerable to hacking when they visit secure websites, such as those of the U.S. government.
This stems from a decision made in the ‘90s when the government required weaker encryption on websites for those who were attempting to access them from outside the U.S., thus allowing the NSA to access those communications more easily.
Eventually the government got rid of this requirement, but the encryption was already built from the ground-up into many different software applications which are still used today.
Researchers from Johns Hopkins have proved that this weakness can be used to steal a visitor’s personal information, as well as hack into the website itself. They can’t say whether anyone has already exploited the flaw, but Apple and Google are currently working on a patch regardless.
Matt Holden is an Associate Content Editor for 1105 Media, Inc. He received his MFA and BA in journalism from Ball State University in Muncie, Indiana. He currently writes and edits for Occupational Health & Safety magazine, and Security Today.