The Small Business Website Guy

  • Home
  • Blog
  • About
  • WordPress Help
  • Services
    • WordPress Help
    • Hacked Site Cleanup
    • Website Management Program
    • Domain Registration
    • Web Hosting
  • Testimonials
  • Contact Us

March 4, 2015 by John

FREAK Flaw Revealed In Smartphones and Apple OS/X Devices

Yet another security flaw that has remained hidden for years has come to light. The so-called FREAK flaw was revealed today in a post on the Ars Technica blog. Those interested in the technical details can read the article.

What Is FREAK?

The acronym stands for Factoring attack on RSA-EXPORT Keys. What that means in English is that some browsers on smartphones and Apple Macs running OS/X are vulnerable to an exploit that targets HTTPS-protected websites. These are typically financial sites like banks, brokerages and mortgage companies and other sites that deal with sensitive information like credit card numbers, social security numbers and the like. In short, exactly the kinds of sites you DON’T want to have security problems!

This flaw creates the possibility for a “man in the middle” attack where someone could intercept and decode data being transmitted between your device and an affected site. HTTPS is supposed to prevent exactly that scenario, but it has recently been discovered that an old out of date security rule allows an attacker to downgrade the level of encryption in certain circumstances to a level where it is possible with today’s available computing power to crack the code, so to speak, quickly enough to make it practical to do so.

Am I Affected?

If you use an Android phone or iPhone or an Apple Mac running OS/X you may be affected. This is a serious potential threat and requires caution on the part of all users of the above devices.

You may run a quick test of your favorite browser by going to this website:

https://freakattack.com/

I just visited the site using Chrome on Windows and got a green message saying that my browser appears to be safe. Firefox is also shown to be safe according to the Ars Technica article. I suggest checking all browsers on your phone or tablet as well as your computer to be sure which ones are currently safe to use. The browser authors are busily patching their software so one that is not safe today may be safe after an update.

The bottom line is: don’t assume yours is safe because someone else says theirs is. Test it for yourself to be sure. You may be on a different release of the software than someone else, so you can’t go by what they tell you.

As always, be careful out there!

John Sawyer

Laptop image courtesy of Stuart Miles on FreeDigitalPhotos.net

Like this post?  Sign up below to be notified when new posts are published:

[email protected]
John

Share this post:

TwitterFacebookLinkedIn

Filed Under: Browsers, Safe Computing, Tools and Utilities Tagged With: android, freak, freak flaw, freak vulnerability, iphone, tablet

Select Module

Recent Posts

  • Protect Yourself From Router Exploit
  • Is GDPR Compliance The Problem?
  • Warning! WordPress 4.9.6 Is Coming
  • MalwareBytes Update Issue
  • Google Issues New HTTPS Guidelines

Find Your Domain

Find a domain starting at $0.48

powered by Namecheap

Reach new audiences and grow your following

Privacy Policy | Terms of Use

Copyright © 2007-2021 by Chon Resources – All Rights Reserved Worldwide

We use cookies for various purposes including analytics and personalized marketing. By continuing to use the service, you agree to our use of cookies. - Privacy Policy
Protected by WebARX