A newly discovered vulnerability called FREAK, found in the Secure Sockets Layer/Transport Layer Security (SSL/TLS) protocol, has had the security community abuzz this past week. FREAK is more technically known as Factoring Attack on RSA-Export Key. (The transposition of the letters in the “acronym” will drive you crazy if you’re a stickler for precision like I am.)
Mismatched abbreviation aside, FREAK is a serious vulnerability that has wide-reaching impact. First, researchers found the flaw in OpenSSL (prior to version 1.0.1k) and Apple SecureTransport, and announced that it affected the Safari web browser on Mac OS X computers and iOS mobile devices as well as the standard web browser on Android devices. Then Microsoft issued a security advisory (3046015) warning that the vulnerability also affects the Secure Channel (Schannel) in all currently supported versions of Windows.
SSL/TLS is, of course, the means used by web browsers to encrypt communications being transmitted to and from secure web sites (HTTPS sites) that handle confidential information such as users’ financial data, credit card and bank account numbers, sensitive personal information and so forth.
The problem exists due to long-standing support for weak 512-bit encryption, which an attacker can force the browser to use instead of the stronger current standard of 2048-bit encryption. This weak encryption was at one time mandated by the federal government for “export” use (software that was sold outside the U.S.) and can be cracked relatively easily. Researchers demonstrated that the vulnerability can be exploited to hack into websites and/or steal site visitors’ personal information. This is done using a “man in the middle” (MITM) technique to intercept traffic between a client computer/device and web server.
The good news is that not all web browsers are vulnerable, according to French researchers as reported by ComputerWorld. Google Chrome turns out to be the safe haven in this case – if you’re running it on Windows, OS X or iOS. Ironically enough, Chrome on Google’s own mobile OS, Android, is vulnerable unless you’re using the beta version (Chrome v41).
As for which websites are vulnerable, Qualys SSL Labs is hosting a web site that lets you run an SSL server test to determine whether a particular website’s server supports the weak encryption and thus is vulnerable. You can find it here: https://www.ssllabs.com/ssltest/index.html
A number of U.S. government sites have been found to be vulnerable.
More good news: In order to carry out an attack using this exploit, the attacker must intercept a connection where both the web browser on the client computer and the web server support these “export grade” ciphers. If only one or the other does, your SSL encrypted transmissions are still safe (from this particular exploit, at least). That means companies hosting web servers can protect their visitors by updating those servers to fix the problem on the server side, or users can protect themselves from vulnerable websites by using Chrome or by updating their client systems when the fixes become available.
And when will that be? We’re expecting patches for this flaw to be released by the respective operating system vendors in the coming week or so. Apple said they would have an update for Safari on OS X and iOS within the week, and Google has provided a patch for Android, but it will be up to the mobile device vendors and/or wireless carriers to push the patches out for their phones and tablets, so some Android users will likely get the update much sooner than others – and some devices may not ever be fixed.
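For administrators checking their own servers, the condition described above (both ends must support export-grade RSA) can be expressed as a small check on the server's first reply. This is an added example, not code from the researchers or from Qualys: it assumes a test handshake that offered only RSA export suites, the function names are hypothetical, and the sample records are constructed rather than captured.

```python
import struct

# IANA code points of the 512-bit RSA "export" suites that FREAK depends on.
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def chosen_suite(record: bytes):
    """Return the cipher suite a ServerHello record selects, or None if the
    server answered with anything else (e.g. a handshake_failure alert)."""
    if len(record) < 5:
        raise ValueError("truncated TLS record header")
    ctype, _version, length = struct.unpack("!BHH", record[:5])
    body = record[5:5 + length]
    if len(body) != length:
        raise ValueError("truncated TLS record body")
    if ctype != 22 or not body or body[0] != 2:  # 22 = handshake, 2 = ServerHello
        return None
    pos = 4 + 2 + 32                  # handshake header, version, random
    if len(body) < pos + 1:
        raise ValueError("truncated ServerHello")
    pos += 1 + body[pos]              # session_id length byte plus session_id
    if len(body) < pos + 2:
        raise ValueError("truncated ServerHello")
    return struct.unpack("!H", body[pos:pos + 2])[0]

def server_accepts_export(record: bytes) -> bool:
    """True when the server agreed to one of the RSA export suites."""
    return chosen_suite(record) in RSA_EXPORT_SUITES

def connection_at_risk(client_accepts_export: bool, record: bytes) -> bool:
    """Both ends must support export-grade RSA for the downgrade to work."""
    return client_accepts_export and server_accepts_export(record)

def _server_hello(suite: int) -> bytes:
    """Build a constructed TLS 1.0 ServerHello record for the samples below."""
    hello = b"\x03\x01" + bytes(32) + b"\x00" + struct.pack("!H", suite) + b"\x00"
    handshake = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

# Constructed sample replies (not captured traffic).
EXPORT_REPLY = _server_hello(0x0003)
MODERN_REPLY = _server_hello(0x002F)            # TLS_RSA_WITH_AES_128_CBC_SHA
ALERT_REPLY = bytes.fromhex("15030100020228")   # fatal handshake_failure alert

if __name__ == "__main__":
    for name, rec in (("export", EXPORT_REPLY), ("modern", MODERN_REPLY), ("alert", ALERT_REPLY)):
        print(name, server_accepts_export(rec))
```

A server that has had export suites disabled answers such a test handshake with an alert, which the check reports as not accepting export ciphers.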