Patches are in the works for major security bug known as FREAK that hit the tech-blog headlines last week. But until the fixes are released, you don’t need to freak out yourself. There are steps you can take now to shore up your protection.
Contrary to initial reports that said only mobile devices and Mac computers were at risk, anyone who uses Windows or Internet Explorer may also be vulnerable to FREAK, short for “Factoring Attack on RSA-EXPORT Keys,” according to Tech Times.
“It’s a bit worse than how one researcher initially described it: ‘as a zombie from the ’90s,'” Tech Times said.
According The Hacker News, FREAK can cause reversion to an outmoded encryption system, making it “significantly easier for hackers and cyber criminals to easily decode intercepted HTTPS connections, revealing sensitive information such as login passwords, login cookies, and even banking information. The report said:
However, this is only possible if the website or service at the other end is still supporting 1990s-era “export-grade” cryptography or 512-bit RSA, which were approved by the U.S. government for overseas export. It was assumed that most servers no longer supported weak 512-bit RSA keys, but unfortunately, millions of websites and services are still available on the Internet using them.
Tech Times suggests taking a few simple steps to protect yourself from FREAK:
- Firewall. If you don’t already have a firewall installed, do it now.
- Keep updated. Make sure that you’ve updated your Microsoft software and applied the most recent fixes.
- Anti-virus. Install an anti-virus program on your computer if you don’t have one already.
- Safe browsers. “Only use browsers deemed safe at this point: Chrome, Firefox, Opera on Windows, Firefox on OS X, Firefox on Android and Chrome on iOS,” Tech Times said. If you’re unsure if your browser is protected, click here to check.
What anti-virus and firewall programs do you use? Share your comments below or on our Facebook page.
Disclosure: The information you read here is always objective. However, we sometimes receive compensation when you click links within our stories.