Lax encryption policy there a few years now generates significant consequences with loopholes allowing Freak attacks.
See This: Ubuntu 15.04 Vivid Vervet planned for 2015
The Freak attacks (RSA Factoring Export Keys) concern the exploitation of vulnerabilities on older ciphers and therefore subject to the sometimes forgotten vulnerabilities.
The main reason for these important vulnerabilities on TLS / SSL is the encryption policy that the United States wanted to impose, there many years. Today, these oversights leave a legacy of flaws of any kind.
Freak new vulnerabilities discovered by computer security experts
Computer security experts have summarized the problem of Freak attacks in these terms: " The agility of the TLS protocol suffers from swelling of his inheritance: After 20 years of the standard changes, it has many versions, extensions, and cipher suites, some of which are no longer used or known to be non-secure . "
It is true that the successive developments of protocols, interaction with servers and authentication methods have changed over time; many updates, bug fixes, secure overlays, etc. have not always corrected the underlying problems. Vulnerabilities on SSL (Secure-Socket Layer) therefore offer the possibility of hackers to intercept exchanges and break encryption.
Freak: critical security vulnerabilities that do not new
In the 90s, the United States wanted to establish a rather weak encryption policy or lax about many protocols, especially on foreign services. A decision on which they returned a few years later, but not totally correct some of these delays. Security experts explain: " the implementations of cryptographic security analyzes have focused on the flaws of the protocol constructions, leaving the review of state machinery . "
Numerous websites are affected by FREAK faults. It would issue almost a third of the websites in the world, especially those using OpenSSL and TLS / SSL Apple customers. Browsers are not spared as the Safari browser and the built-in Android also suffer from this type of faults. More surprisingly, even sites like the NSA, FBI and the White House are concerned Scary!
See This: Ubuntu 15.04 Vivid Vervet planned for 2015
The Freak attacks (RSA Factoring Export Keys) concern the exploitation of vulnerabilities on older ciphers and therefore subject to the sometimes forgotten vulnerabilities.
The main reason for these important vulnerabilities on TLS / SSL is the encryption policy that the United States wanted to impose, there many years. Today, these oversights leave a legacy of flaws of any kind.
Computer security experts have summarized the problem of Freak attacks in these terms: " The agility of the TLS protocol suffers from swelling of his inheritance: After 20 years of the standard changes, it has many versions, extensions, and cipher suites, some of which are no longer used or known to be non-secure . "
It is true that the successive developments of protocols, interaction with servers and authentication methods have changed over time; many updates, bug fixes, secure overlays, etc. have not always corrected the underlying problems. Vulnerabilities on SSL (Secure-Socket Layer) therefore offer the possibility of hackers to intercept exchanges and break encryption.
Freak: critical security vulnerabilities that do not new
In the 90s, the United States wanted to establish a rather weak encryption policy or lax about many protocols, especially on foreign services. A decision on which they returned a few years later, but not totally correct some of these delays. Security experts explain: " the implementations of cryptographic security analyzes have focused on the flaws of the protocol constructions, leaving the review of state machinery . "
Numerous websites are affected by FREAK faults. It would issue almost a third of the websites in the world, especially those using OpenSSL and TLS / SSL Apple customers. Browsers are not spared as the Safari browser and the built-in Android also suffer from this type of faults. More surprisingly, even sites like the NSA, FBI and the White House are concerned Scary!