What does FREAK stand for?
FREAK (also known as the Factoring Attack on RSA-EXPORT Keys vulnerability or CVE-2015-0204) is a newly discovered flaw in SSL/TLS, the technology which is supposed to secure your communications across the net.
Why should I be worried?
If the encryption you are relying on for your HTTPS connections is flawed, malicious hackers or intelligence agencies could break it and intercept your communications. They could launch attacks, and potentially sniff out your passwords and private messages.
It's old, why bother now?
In recent weeks, researchers have discovered that they could force browsers to use the weaker encryption and then crack it in a matter of hours, opening up the possibility of stealing passwords and other mischief.
How many websites are affected?
About 12% of websites are thought to be affected.
I own a website, what should I do?
Disable support for any export suites on your web server. Freakattack.com suggests that instead of simply excluding RSA export cipher suites, administrators should disable support for all known insecure ciphers and enable forward secrecy.
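To check a server you run against that advice, the sketch below audits a list of cipher suites (OpenSSL names, as a TLS scanner would report them) for export suites, other weak ciphers and missing forward secrecy. It is an added example, not code from Freakattack.com; the sample list is constructed and the weak-cipher patterns are illustrative, not exhaustive.

```python
import re

# Assumption: suites are given by their OpenSSL names, for example as
# reported by a TLS scanner run against your own server.
EXPORT = re.compile(r"^EXP(1024)?-")
# Export suites that do NOT use RSA key exchange (not the FREAK case).
NON_RSA_EXPORT = re.compile(r"^EXP(1024)?-(EDH|DHE|ADH|KRB5)-")
# Ephemeral (EC)DH key exchange; TLS 1.3 suites (TLS_...) always use it.
FORWARD_SECRET = re.compile(r"^(EXP(1024)?-)?(ECDHE|DHE|EDH)-|^TLS_")
WEAK_PATTERNS = {
    "NULL encryption": re.compile(r"(^|-)NULL(-|$)"),
    "anonymous key exchange": re.compile(r"^(EXP-)?(ADH|AECDH)-"),
    "RC4": re.compile(r"(^|-)RC4(-|$)"),
    "RC2": re.compile(r"(^|-)RC2(-|$)"),
    "single DES": re.compile(r"(^|-)DES-CBC-"),
    "MD5 MAC": re.compile(r"-MD5$"),
}

def audit(suites):
    """Classify each offered suite; return the findings as a dict."""
    report = {"export": [], "rsa_export": [], "insecure": {},
              "no_forward_secrecy": []}
    for name in suites:
        if EXPORT.match(name):
            report["export"].append(name)
            if not NON_RSA_EXPORT.match(name):
                report["rsa_export"].append(name)  # what FREAK downgrades to
        reasons = [why for why, pat in WEAK_PATTERNS.items() if pat.search(name)]
        if reasons:
            report["insecure"][name] = reasons
        if not FORWARD_SECRET.match(name):
            report["no_forward_secrecy"].append(name)
    return report

# Constructed sample: what a badly configured server might offer.
SAMPLE = [
    "ECDHE-RSA-AES128-GCM-SHA256", "DHE-RSA-AES256-GCM-SHA384",
    "AES128-SHA", "RC4-SHA",
    "EXP-RC4-MD5", "EXP-DES-CBC-SHA", "EXP-EDH-RSA-DES-CBC-SHA",
]

if __name__ == "__main__":
    for section, found in audit(SAMPLE).items():
        print(section, "->", found)
```

A server that only dropped the `rsa_export` entries would still offer EXP-EDH-RSA-DES-CBC-SHA and RC4-SHA, which is why the advice is to remove every export and weak suite and keep only the forward-secret ones.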