The security flaw known as “FREAK Attack” has been discovered in Apple and Google devices, it becomes apparent whilst users are browsing the net. Research experts have pinned the blame on a decade old policy, that has long since been altered. This policy required US manufacturers to release weaker encryption systems when sold overseas, that was apparently due to national security concerns. Apple and Google users could be open to attack when browsing popular websites on their devices which accept the weaker encryption. Hackers would also be able to trick the system into accepting the older software.
Hackers could potentially use this outdated vulnerability to drop into users when they are inputting sensitive details such as passwords or bank details. Security experts estimate the number of websites susceptible to this kind of attack is as high as a third of all encrypted websites. The weakness is said to affect Apple’s own Safari and the in-built browser on Google’s Android software, but those who use Chrome, Internet Explorer or Firefox are safe.
The FREAK attack, technically named Factoring Attack on RSA-EXPORT Keys, has been partially blamed on dangerous government policies which contradict their own initial uses. By requiring the weakening of encryption, even for security purposes, will only prove to benefit hackers. In response to the revelations, both Google and Apple have announced immediate plans to fix the problem, with Apple rolling out the software update within the week and Google have already fixed it in the form of an update for both carriers and device makers.