FREAK Attack (New Threat)

On March 3rd, security analysts revealed that they had uncovered a new security vulnerability that they called FREAK.  Named for ‘Factoring RSA Export Keys’, the FREAK attack relies on forcing a user’s browser to use an outdated and less secure form of encryption called ‘Export Grade Cryptography.’

The exploit is carried out as a man-in-the-middle attack. The attacker sits between the end user and the web site and intercepts the traffic. The attacker forces the legitimate website to use a low-grade encryption connection and offers only low-grade encryption to the end user. This weakly encrypted traffic is captured and analyzed to steal the end user’s credentials, which can then be used to breach this and other accounts owned by the user.
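
As an added illustration that is not part of the original post, the Python check below reads the cipher suites listed in a TLS ClientHello and reports any RSA export-grade suites, which is what a monitoring point would see when only low-grade encryption is being offered. The suite code points come from RFC 2246; the function names and the sample handshakes are constructed for this example.

```python
# RSA key-exchange export suites defined in RFC 2246 (code point -> name).
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def offered_suites(record: bytes) -> list[int]:
    """Return the cipher-suite code points listed in a TLS ClientHello record."""
    # Record type 0x16 = handshake; handshake type 0x01 = ClientHello.
    if len(record) < 6 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record carrying a ClientHello")
    rec_len = int.from_bytes(record[3:5], "big")
    body = record[5:5 + rec_len]
    pos = 4 + 2 + 32                    # handshake header, client_version, random
    if len(body) <= pos:
        raise ValueError("truncated ClientHello")
    pos += 1 + body[pos]                # skip the length-prefixed session_id
    if pos + 2 > len(body):
        raise ValueError("truncated ClientHello")
    n = int.from_bytes(body[pos:pos + 2], "big")
    pos += 2
    if n % 2 or pos + n > len(body):
        raise ValueError("bad cipher_suites length")
    return [int.from_bytes(body[i:i + 2], "big") for i in range(pos, pos + n, 2)]

def export_rsa_offered(record: bytes) -> list[str]:
    """Names of the export-grade RSA suites present in the ClientHello, if any."""
    return [RSA_EXPORT_SUITES[s] for s in offered_suites(record) if s in RSA_EXPORT_SUITES]

def build_client_hello(suites: list[int]) -> bytes:
    """Constructed sample: minimal TLS 1.0 ClientHello record without extensions."""
    cs = b"".join(s.to_bytes(2, "big") for s in suites)
    hello = (b"\x03\x01" + bytes(32) + b"\x00"          # version, random, empty session_id
             + len(cs).to_bytes(2, "big") + cs + b"\x01\x00")  # suites, null compression
    hs = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + len(hs).to_bytes(2, "big") + hs

# Constructed samples: one hello with only full-strength RSA suites
# (AES-128, AES-256, 3DES), and one that lists only export-grade suites.
STRONG_ONLY = build_client_hello([0x002F, 0x0035, 0x000A])
EXPORT_ONLY = build_client_hello([0x0003, 0x0008])

if __name__ == "__main__":
    for label, rec in (("strong-only", STRONG_ONLY), ("export-only", EXPORT_ONLY)):
        print(label, export_rsa_offered(rec) or "no RSA export suites offered")
```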

Many vendors have already released patches to prevent the FREAK attack. To test a browser, you can go to this link. For more detailed information on which browsers are affected, follow this link.

In the mid-1990s, when the World Wide Web was beginning to become widespread, the NSA and the Government were concerned that foreign enemies might use strong encryption to send and receive messages that they could not read. To prevent this, the United States Government passed legislation that prevented the exportation of strong encryption technology and only allowed a ‘weaker’ 512-bit encryption to leave the country. They did this so that foreign companies’ data would be somewhat protected, but if the Government required it, the NSA could intercept and decrypt any data that was needed. In the late 90s and early 2000s, most of the legislation forbidding exportation of strong encryption software was repealed, although some restrictions remain.

Posted by Jack Gerbs