Bad, Old U.S. Policy Causes ‘FREAK’ Computer Bug
Buried somewhere deep inside the code of some Web browsers and websites is an old, weak version of encryption that can easily be cracked. And the only reason it exists is because of bad U.S. policies that have since been abolished.
Back in the 1990s, the federal government restricted the export of powerful data encryption. Computer companies were forced to employ two versions of encryption: weak and strong. But the weak stuff stuck around long after it was no longer needed.
The bug was found late last year by academic security researchers at the French computer science institute INRIA. They’ve been quietly helping Apple and others fix this behind the scenes since November. They dubbed it the FREAK bug, short for “Factoring Related Attack on RSA Keys.”
Akamai (AKAM), a company that hosts websites with an extra layer of protection, made the bug public on Tuesday. The company said it’s racing to fix the problem for all of its customers.