Attention

The opinions expressed by columnists are their own and do not represent our advertisers

Monday, March 09, 2015

Millions at risk from 'Freak' encryption bug

Microsoft said it was working on a secure update to close the Freak loophole

Microsoft has issued a security warning about a bug that could let attackers spy on supposedly secure communications.

Called "Freak", the bug was found in software used to encrypt data passing between web servers and web users.

Initially the flaw was thought only to affect some users of Android and Blackberry phones and Apple's Safari web browser.

Microsoft's warning suggests millions more may be at risk of losing data.

The Freak flaw was discovered by encryption and security expert Karthikeyan Bhargavan and lets attackers force data travelling between a vulnerable site and a visitor to use weak encryption. This makes it easier to crack open the data and steal sensitive information.

Statistics gathered by a group set up to monitor the impact of the Freak flaw suggest about 9.5% of the web's top one million websites are susceptible to such attacks.

The monitoring group has also produced an online tool that lets people check if they are using a browser that is vulnerable to the flaw.

More

1 comment:

Anonymous said...

By freak, they mean a freak occurrence that you found it. I am sure it was placed there as a backdoor for some outback Nazi law enforcement group.