- This topic has 4 replies, 2 voices, and was last updated 9 years, 1 month ago by
.
- Posts
-
Attack of the week: FREAK (factoring the NSA for fun and profit)
This is the story of how a handful of cryptographers ‘hacked’ the NSA.
It’s also a story of encryption backdoors, and why they never quite work out the way you want them to.A group of cryptographers at INRIA, Microsoft Research and IMDEA have discovered some serious vulnerabilities in OpenSSL,
(e.g., Android) clients, and Apple TLS/SSL clients, (e.g., Safari),
that allow a ‘man in the middle attacker’ to downgrade connections from ‘strong’ RSA to ‘export-grade’ RSA.
These attacks are real and exploitable against a shocking number of websites, including government websites.You can check here if your browser is safe: https://freakattack.com/clienttest.html
Pale Moon 25.2.0 is OK.
You can check here if your browser is safe: https://freakattack.com/clienttest.html
Pale Moon 25.2.0 is OK.
Here is how to secure Internet Explorer
Tools → Internet Options → Advanced
Scroll down to the bottomMark TLS 1.2, unmark all the other SSL & TLS.
Check your browser: https://freakattack.com/clienttest.html
Here is how to secure Internet Explorer
Tools → Internet Options → Advanced
Scroll down to the bottomMark TLS 1.2, unmark all the other SSL & TLS.
Check your browser: https://freakattack.com/clienttest.html
- You must be logged in to reply to this topic.
