A small negligence by America’s National Security Agency (NSA) has left millions of internet users vulnerable to hacking even though they visit the so called ‘secured’ websites in today’s date.
A team of researchers has found out that Apple and Google devices have been vulnerable to a major security bug called ‘FREAK attack’.
Researchers blame the encryption flaw on a former American policy that barred US companies from exporting highest encryption standards available, according to Washington Post report. When the ban was lifted in 1990s, the weaker encryption had already become a huge part of the softwares and web browsers being used across the world.
The FREAK attack affects Apple web browsers and the browser built into Google’s Android software, but not Google’s Chrome browser or current browsers from Microsoft or Firefox-maker Mozilla.
Tom’s Guide ran a security check on all the available web browsers and came up with a list to help people, who freaked out because of FREAK, know if they are using a secured browser.
Vulnerable browsers
- Safari on OS X (older versions of Chrome are still vulnerable as well)
- Chrome, Dolphin, Opera and (reportedly) the stock browser on Android
- Safari, Dolphin and Opera Mini on iOS
Safe browsers
- Chrome, Firefox, Internet Explorer and Opera on Windows
- Firefox on OS X (Chrome 41, pushed out today, is also immune)
- Firefox on Android
- Chrome on iOS
Google and Apple whose web browsers are quite vulnerable FREAK attack, have come up with software fixes so the users of these web browsers don’t fall prey to any snooping.
Apple spokesperson Ryan James said that the Cupertino tech giant has developed a fix for the FREAK bug but the fix will be pushed out to the users only next.
At the other hand Google has developed the fix for the bug and pushed it to the parted already. However, it’s been a big question that when will Google’s partners like Samsung, Micromax, HTC release the fix for the bug.
Apart from Apple and Google, many of the website operators have also started taking security measures so the vulnerability doesn’t result in an actual hacking.
The list of affected websites is very long but websites which people use on daily basis like Business Insider, Axis Bank, Jabong, Groupon, American Express, Bloomberg, Airtel, Zomato, National Georgraphic, Gaana, Zdnet and IBTimes (UK edition) are vulnerable to the security threat.
