Sunday, March 8, 2015

Tech Giants Scramble to Fix ‘Freak’

Get Your Freak OnWay back in the latter end of the last century - the 1990s, when Netscape browser was all the rage and - SSL (Secure Socket Layer) encryption was brand-spanking-new, the U.S. government wanted control over export of “weapons grade” encryption.
Its theory was that domestic communications could benefit from stronger, 128-bit encryption, but 'backdoors' should be available to U.S. intelligence and law enforcement when it came to foreign communications. Thus, the concept of weaker, “export grade” encryption was born.
Turns out that this legacy backdoor, a vulnerability that we’ve come to know as 'FREAK' still exists in up to 30 percent of web servers. It’s a sad example of how zombie security holes from the era of grunge can come back and bite us on the posterior.



Meanwhile, Apple and Google are saying they've developed fixes/patches - though we note Apple has yet to deploy -  to mitigate the 'Freak' security flaw. Initially thought to be immune, Microsoft released an advisory which warned hundreds of millions of Windows PC users are also vulnerable to the security vulnerability  :: Read the full article »»»»

CIA overhaul to boost cyber capability and security amid growing threat of digital attacks

The CIA plans to radically overhaul operations, ramping up its capability to deal with cyber threats while boosting integration between departments via a network of new units, the agency says.
Central Intelligence Agency director John Brennan outlined the proposed changes to the agency in a message to staff on Friday described as a "Blueprint for the Future" covering four key areas.
Mr Brennan said the US espionage agency would set up a new "Directorate of Digital Innovation" to reflect the rapidly evolving cyber landscape :: Read the full article »»»»
Blog Widget by LinkWithin