March 20, 2015

-
min read

The FREAK Vuln: What It Is and What You Can Do

Lookout Life
Lookout Life
Mobile Security: Privacy & Identity Protection

What is the FREAK vulnerability?

FREAK is the latest in a line of recently uncovered vulnerabilities affecting the way communications are secured over the Internet. Specifically, it impacts SSL/TLS and stands for “Factoring attack on RSA-EXPORT Keys”. The bug allows an attacker to sit between your HTTPS connection and the vulnerable client or server and force you to use a less secure version of encryption. This downgraded encryption may allow an attacker to obtain your data.

Is Lookout affected?

No, Lookout’s infrastructure is not impacted by the FREAK vulnerability. Users are not at risk through Lookout’s product, however, that does not mean that your device itself is not otherwise vulnerable.

What can I do to protect myself?

Unfortunately, like the Heartbleed and POODLE vulnerabilities, people need to wait for a patch from their carrier or device manufacturer to be released. Apple has released a patch for Safari on iOS and Mac OS. Google has promised a patch, but has not yet released one.

If you’ve received an official manufacturer or carrier update to your operating system, install it!

With Lookout Life, Staying Protected Has Never Been Easier

Lookout Life protects your digital information at every level. Device security, online privacy protection & identity financial protection for total peace of mind.