What is the latest internet security scare?

2015-11-02_2005One of the biggest security scares right now is the `freak`. This security scare has affected various platforms where Google Inc`s android operating system is one of the platforms that are suffering this huge security scare. Other platforms that have been affected include the Windows and the Mac computers as well as the Apple`s Inc`s line of the IOS-based devices.

However, this security scare should not freak out. The big Companies such as the Microsoft and the Apple have security experts who are carrying out various attacks that are related to the freak SSL. The companies have released various software patches which are best designed to suit all these issues that are modified to help in solving these issues.

The discovery of freak resulted from the research that was conducted by the French Institute for Research in Computer Science and Automation. Microsoft was also involved in this research. This exploit majored in dealing with the various major issues of TLS and SSL which are very popular protocols of cryptography applied in the securing of the websites where all the users have the chance of putting various sensitive data.

The freak vulnerability facilitates the ability of the attacker to create an interception in the HTTPS connections between the vulnerable server and client. Therefore these actions will result in forcing these platforms in using the weaker form which has an encryption of 512. Therefore the attacker will be in a position where he can manipulate the information that is being created by the server. If the attacker is successful in their procedures, then he can go ahead and spy various important settings and activities on the device of the user and they will end up creating malicious software after completing their mission of spying.

David Skillicorn (Computer Professor at the Queen`s University School and a hacking expert) says that it is clear that the intelligence agencies of some Companies have been exploiting this vulnerability and he thanks the U.S. government for making this mission a success.
The restrictions of encryption were made in 2000 where websites started using some more complicated 128-bit cipher with an aim of creating protection against the sensitive data.

If you want to know whether a website is using the necessary vulnerable protocols is to make a note of the various times when the `HTTPS` is used while displaying the particular email address. These problems have been reported to be stemming out from the open SSLwhere the same protocol which caused the Heartbleed fiasco.

Leave a Reply