'FREAK' attack on Apple and Google makes users defenceless

amlooking555 - Amlooking4 Business Network

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

1 page

English

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

A propos
Informations
Extrait

Description

Join with the world's largest small business networking portal, Amlooking4 enables businesses to reach out to the world of opportunities locally or globally

Informations

Publié par	amlooking555
Publié le	08 mai 2015
Nombre de lectures	0
Licence :	Tous droits réservés
Langue	English

Extrait

'FREAK' attack on Apple and Google makes users defenceless Most of us have one question in mind while browsing; who has the most secure mechanism in the world of technology? The answer is none! With the latest news pouring in about how the supposedly secure website browsing even of whitehouse.gov, nsa.gov and fbi.gov apparently being insecure from Apple and Google devices, our gasps have gotten a little louder since then. Millions of us have been browsing the highly professed secure websites from self-styled secure devices of Apple and Google, which now seems was open to hackers like any other all the time. The security flaw known as 'freak attack' has existed since, like forever until this year. Although presumably no one has yet exploited the flaw, which is currently being repaired, it shows how sometimes minor faults can leave someone out in the open alone, with millions of hackers pointing guns at you. This flaw resulted from an old and abandoned U.S government policy which forbade the export of strong encryption programs with the products sold overseas for national security concerns. Those restrictions were lifted over decade ago, but the weaker encryption was unknowingly used throughout the world, including United States, until it was noticed this year. Matthew D. Green, an expert in applied cryptography and network security and assistant research professor in the Department of Computer Science of John Hopkins University said that US government maintained to deliberately weaken the strength of encryption keys so that NSA can have access to all of them for surveillance purposes back in the 1990s. Although the policy was abandoned later, the weaker encryption kept making the rounds through iPhones, Android devices, Mac OS X computers and a large number of secured (HTTPS) websites, since no one had any idea about it. Out of the third of websites vulnerable to attack, consists of banks, media sites and government sites. Apple and Google are currently working to create a fix for the freak attack on RSA export keys. A handful of the government websites has been fixed while many are still vulnerable and are being worked upon. While Google has already provided a patch for makers of Android devices last week, Apple has affirmed to provide the security patch by this week. The browser in Android devices is vulnerable while the chrome browser is not. Similarly, Microsoft browsers and Mozilla browsers are not vulnerable too. This vulnerability is the latest among the series of weaknesses discovered in SSL/TLS, the technology designed to keep online transactions secure.