New FREAK Attack Threatens Many SSL Clients
Security experts have discovered a potentially catastrophic flaw that, for more than a decade, has made it possible for attackers to decrypt HTTPS-protected traffic passing between Android or Apple devices and hundreds of thousands or millions of websites, including AmericanExpress.com, Bloomberg.com, NSA.gov, and FBI.gov. Commenting on this, Lancope CTO, TK Keanini, said:
“Simply put, FREAK is a flaw in the crypto system by which an attacker in the middle of your communication may be able to force the session to a weak cryptographic option, ultimately leading to the ability for the attacker to listen in on the session. The vulnerability exists because weak cryptographic methods were once optional. Everyone has moved to stronger cryptographic methods, but some clients and servers historically can still negotiate to this weaker crypto.
Users who need to be extra cautious here are ones who, by design, have an entity in the middle of their traffic. For example, some nation states control Internet gateways in and out of their nation and, because of this topological placement, are in an optimal place to exploit everyday users. Hopefully this will not last long and clients and servers will be patched and kept from negotiating to this weak cipher.
While it is not trivial to exploit, the most advanced threat actors do have the capabilities to exploit this vulnerability. Never underestimate the advanced threat actor. It is best to bias toward the worst case and proceed with caution.
Clients and servers must be configured to NOT allow the negotiation to this particular setting. It will require several conditions to be met, so it is not as severe as Heartbleed, which could be readily exploited.
While this is a technical flaw driven by politics, it ultimately is a problem that compromises the technological goals. Cryptography has always been highly controversial and will remain this way as long as there are people who want to monitor private conversations. Even if we set politics aside, we should all treat cryptographic systems as a delay of disclosure and not ultimate privacy. As computing power increases, we must continue to retire older cryptographic methods and make way for new and stronger ones. The trick is to ensure that systems are not allowed to negotiate to the older and weaker techniques.”
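FREAK works by forcing a handshake down to an export-grade RSA cipher suite, so one defensive check is to look at which suite a server actually selected. The following is an added example, not code from the article or from Lancope: it parses the cipher suite out of a TLS ServerHello record and flags the export-grade suites a hardened configuration should never negotiate. The `build_server_hello` helper constructs sample records for testing; the suite codes are the IANA values from the TLS RFCs.

```python
import struct
from typing import Optional

# IANA cipher-suite codes for export-grade suites (RFC 2246 / RFC 4346).
# FREAK abuses the RSA_EXPORT suites; the DH export suites are included
# because a hardened client or server should reject all of them.
EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x000B: "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
    0x000E: "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0011: "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
    0x0014: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0017: "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5",
    0x0019: "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
}

def server_hello_cipher(record: bytes) -> int:
    """Return the cipher suite selected in a TLS ServerHello record (TLS 1.0-1.2)."""
    # Record header: type(1) version(2) length(2); handshake header: type(1) length(3).
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x02:
        raise ValueError("not a ServerHello handshake record")
    body = record[9:]
    # ServerHello body: version(2) random(32) session_id_len(1) session_id cipher_suite(2).
    sid_len = body[34]
    pos = 35 + sid_len
    return struct.unpack("!H", body[pos:pos + 2])[0]

def check_downgrade(record: bytes) -> Optional[str]:
    """Name of the export suite if the handshake was downgraded, else None."""
    return EXPORT_SUITES.get(server_hello_cipher(record))

def build_server_hello(cipher: int) -> bytes:
    """Constructed sample data: a minimal TLS 1.2 ServerHello selecting `cipher`."""
    body = b"\x03\x03" + bytes(32) + b"\x00" + struct.pack("!H", cipher) + b"\x00"
    handshake = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake

if __name__ == "__main__":
    weak = build_server_hello(0x0008)    # export DES40 suite, as in a FREAK downgrade
    strong = build_server_hello(0xC02F)  # TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    print(check_downgrade(weak))         # TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
    print(check_downgrade(strong))       # None
```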