Old Security Flaw Leaves Apple And Android Users Vulnerable

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
How does stuff like this happen? Seriously, a security flaw from the 1990s? :eek:

A team of cryptographers have discovered that a security flaw from way back in the '90s still leaves users today vulnerable to cyberattacks. They've dubbed it "Factoring attack on RSA-EXPORT Key" or FREAK, and it renders everyone who uses Safari on Mac and iOS devices or Android's stock browser susceptible to hacking when they visit certain "secure" websites.
Click to expand...
 
Hmm, does that mean KHTML is also vulnerable since webkit is derived from it? What about trident, gecko, presto, or blink?
 
"Android's Stock Browser" is now Chrome (as of Android 4.4), not Android Browser (which is discontinued). So this story is a bit inaccurate.
 
Software has become hyper complex and an amalgamation of previous packages.

Time to start over.
 
FUD.

"That's why during the research, the team managed to force browsers to use the weaker encryption, which one member was able to break within seven hours using the power of 75 computers."
 
timta2 said:
FUD.

"That's why during the research, the team managed to force browsers to use the weaker encryption, which one member was able to break within seven hours using the power of 75 computers."
Click to expand...

7 hours isn't a long time to extract a key that will remain usable until the next server reboot (which could be years). It's not like you have to extract a new key for each session or anything.
 
You must log in or register to reply here.
Back
Top