 |
| Patterns in the leaf giving an insight into Cryptography |
March 3 2015 FREAK Attack Announced
Freak attack is a dangerous flaw revealed recently by scientist that can exploit the cryptos/ciphers in the SSL/HTTPS communication and has a possibility to open up millions of Apple (Safari) and Google(Android) users. The revelation has left many sites vulnerable as the protocols used are those rooted in the discovered flaw.The vulnerability allows attackers to intercept
"HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptography, which can then be decrypted or altered. There are several posts that discuss the attack in detail:Matt Green, The Washington Post, and Ed Felten."Reports FREAK Attack Website that is tracking this vulnerability.
The interesting on the table! NSA has been hacked. As if to drive the lesson to the core the worst part is that the problem has its roots in what many calls a misguided U.S. government effort to prevent consumers from having access to strong encryption.
Who Will Be The First to Patch UP
Apple said its fix will be available next week and Google said it has provided an update to device makers and wireless carriers. Probably we will have a fix from Apple in the coming week buts doubtful when their is from Google that the will fix will be pushed to the end user. Millions of Mobile will still be left vulnerable. Attackers are already sophiscating on just how to harvest this flaw. Some experts have pointed out the danger of leaving governments to make policies that weakens the encryption just so that they can easily spy on the nations.
Who Will Be The First to Patch UP
“This was a policy decision made 20 years ago and it’s now coming back to bite us,” said Edward Felten, a professor of computer science and public affairs at Princeton, referring to the old restrictions on exporting encryption code. The Guardian
No comments:
Post a Comment