‘FREAK’ is out and the personal computing world has taken notice. A vulnerability known as ‘FREAK’ can take advantage of secure Internet connections on websites with a man-in-the-middle hack. While the hack has not been exploited to this point, many warn about what it could eventually do to the computing industry if it is left unchecked. That being said, browsers like Google Chrome and Apple Safari – that were directly impacted by this vulnerability that has existed since the 90’s – are being fixed to correct the failure.
Security experts warn, “If a server is willing to negotiate an export ciphersuite, a man-in-the-middle may trick a browser (which normally doesn’t allow it) to use a weak export key.” The concern is real, even if it hasn’t ever been exploited before. For these two companies it’s a strange moment for them to be at the center of a potential hacking story when they have both had their share of issues, and gone to great lengths to shore up new and old problems. Most notably, Apple experienced a hack within their system in 2014 and Google has had an extended policy that has been in place for several months which allows them to disclose any and all security flaws they find in other operating systems or software – within the 90 days that the company says is enough time for others to correct outstanding issues.
At this point, it’d be fair to say that Google and Apple might wish they had some time to prepare. However, they are reportedly working on correcting the issue with a new patch that will correct all of these outstanding issues. However, it is worth noting that anyone who is operating over an unsecure network and operating with either older, or buggy versions of FireFox, Chrome, or Internet Explorer – they should be slightly concerned. While it isn’t something that will impact every person or even the moderately careful person – as many as 33% of websites are said to be impacted by being tricked into believing that the security credentials are legit.
This though is just the latest in a series of security flaws and hacks that have made the entire computing world concerned about their safety and privacy online. This is a trend that as we become more, and more digital will be less surprising as time goes on.