Time to FREAK out? How to tell if you’re vulnerable
Nervous about the FREAK flaw? Freakin’ out?
Not everyone is vulnerable to the potential attack vector that researchers from INRIA, a French research institute, and Microsoft disclosed yesterday.
Browsers running in Windows, for example, including Internet Explorer 11 (IE11), are immune to the threat.
The flaw affects SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer Security) — the protocols used to encrypt traffic between browsers and website servers. By interposing themselves between users and servers, typically via a classic “man-in-the-middle” (MITM) attack at a public Wi-Fi hotspot, hackers can leverage the long-standing weaknesses in SSL and TSL to intercept and read that supposedly-secure traffic.