Science and Tech


'FREAK' Attack Courtesy Of Age-Old Government Policies

'FREAK' attack allows hackers to gain access to your encrypted data.
Posted at 3:22 AM, Mar 04, 2015

Here we go again. Due to age-old government policies, tech companies and IT professionals are rushing to correct a security vulnerability that could give hackers access to encrypted data.

Using the so-called "FREAK" attack, hackers can trick your device or web browser into using a weak form of encryption. Once that happens — since the data is easier to decrypt — it's a hop, skip and a jump before they're able to gain access to your supposedly secure data. (Video via NASA, YouTube / Jeff Quitney)

The Washington Post explains the vulnerability exists due to previous government policies that kept strong encryption technology from being used outside the U.S. The encryption tech is considered "export-grade," which just means it's lower quality and less secure. 

Unfortunately, that "export-grade" tech has found its way into modern software. Even more unfortunately, the vulnerability has existed for more than ten years.

One researcher quoted by the Post called the encryption technology "a zombie from the '90s," because researchers thought it had all but vanished. 

But it hasn't. And a little over 12 percent of the world's most popular websites are affected by the "export-grade" vulnerability. 

To check if you're vulnerable to the "FREAK" attack, you can visit this site set up by the security researchers who found the vulnerability. The site checks your browser and gives you your results. 

Be sure to install the latest updates for your phone, your computer and your web browser. 

For those of you on Apple's iOS or OS X, TechCrunch reports Apple plans to release a fix for the vulnerability "next week."

This video includes images from Getty Images and Brian Klug / CC BY NC 2.0.