“FREAK” Security Flaw Discovered Lurking In Many Computers For Decades, Apple Promises Fix Next Week

The short version: hackers force a victim’s connection to use long-forgotten encryption ciphers left behind in popular products (Android, Apple’s Safari) instead of today’s stronger stuff, then decrypt the data.

As of this morning at 1 a.m., researchers were able to coax a good chunk of the web’s most popular sites into accepting the now-obsolete encryption request.

They’ve put up a list of some of the sites HERE, and it’s a doozy. Banking sites, quite a few retail sites, and even a few U.S. government sites make an appearance.

Named by the researchers as one of the larger parties at risk here, Apple was quick to respond with a promise to fix things on their end. Writes an Apple spokesperson: “We have a fix in iOS and OS X that will be available in software updates next week.”
READ MORE: http://techcrunch.com/2015/03/03/freak-security-flaw-discovered-lurking-...