newly found online security flaw stems from 1990s
Dernière Actualisation :04:52:03 GMT
 Lemarocaujourdhui, lemarocaujourdhui Actualités -
 Lemarocaujourdhui, lemarocaujourdhui Actualités -
Dernière Actualisation :04:52:03 GMT
 Lemarocaujourdhui, lemarocaujourdhui Actualités -

Newly found online security flaw stems from 1990s

 Lemarocaujourdhui, lemarocaujourdhui Actualités -

 Lemarocaujourdhui, lemarocaujourdhui Actualités - Newly found online security flaw stems from 1990s

Newly discovered Internet security flaw could leave many websites vulnerable to hackers
Washington - AFP

A newly discovered Internet security flaw could leave many websites vulnerable to hackers because of weak US encryption standards in the 1990s, researchers said Tuesday.
The flaw dubbed "FREAK" could leave thousands of websites open to attacks if the problem is not patched, according to papers released by French and US researchers.
The flaw was discovered by a team led by Karthikeyan Bhargavan at INRIA in Paris -- the French Institute for Research in Computer Science and Automation -- and disclosure coordinated by Matthew Green, a cryptographer at Johns Hopkins University.
A research paper said the flaw comes from "a class of deliberately weak export cipher suites... introduced under the pressure of US government agencies to ensure that the NSA would be able to decrypt all foreign encrypted communication."
Green said in a blog post that even some sites maintained by the National Security Agency and FBI appeared to be vulnerable.
"Since the NSA was the organization that demanded export-grade crypto, it's only fitting that they should be the first site affected by this vulnerability," Green said.
Green and other researchers said the flaw stems from US government-imposed standards for encryption in software that was exported -- a short-lived effort to allow the United States to be able to access software exported to unfriendly regimes.
- Part of the software -
Even after it became legal to export strong encryption, the export mode feature was not removed from because some software still depended on it, according to Ed Felten, a Princeton University computer science professor.
"The flaw is significant in itself, but it is also a good example of what can go wrong when government asks to build weaknesses into security systems," said Felten in a blog post.
"Many web sites are vulnerable to this attack, allowing an adversary in the network to spoof or spy on traffic to vulnerable sites."
Felten said that the vulnerability on the NSA site is "not a big national security problem in itself because NSA doesn’t distribute state secrets from its public site. But there is an important lesson here about the consequences of crypto policy decisions."
Green said Facebook's site which operates the "like" button was identified as vulnerable but later patched.
Green said the most of the flaws "will soon be patched" but that the flaw is important at a time when the NSA is seeking to maintain access to encrypted software and devices for national security reasons.
"The moral of this story is pretty simple: Encryption backdoors will always turn around and bite you in the ass," he wrote.

lemarocaujourdhui
lemarocaujourdhui

Nom *

Adresse Email *

Nom Du Commentaire*

Commentaire *

: Characters Left

Les conditions d'utilisations *

Les conditions d'éditions

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults. mean Non atteinte à l'auteur ou toutes autres personnes morales, Non atteinte à différents religions, Non incitation à la discrimination raciale et insultes.

J'accepte les conditions d'utilisations et droits d'auteur

Code De Sécurité*

newly found online security flaw stems from 1990s newly found online security flaw stems from 1990s

 



Nom *

Adresse Email *

Nom Du Commentaire*

Commentaire *

: Characters Left

Les conditions d'utilisations *

Les conditions d'éditions

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults. mean Non atteinte à l'auteur ou toutes autres personnes morales, Non atteinte à différents religions, Non incitation à la discrimination raciale et insultes.

J'accepte les conditions d'utilisations et droits d'auteur

Code De Sécurité*

newly found online security flaw stems from 1990s newly found online security flaw stems from 1990s

 



 Lemarocaujourdhui, lemarocaujourdhui Actualités -
 Lemarocaujourdhui, lemarocaujourdhui Actualités -
 Lemarocaujourdhui, lemarocaujourdhui Actualités -

GMT 17:20 2015 Jeudi ,16 Avril

Batteries russes S-300 à l'Iran

GMT 21:15 2015 Dimanche ,11 Janvier

LOI DE FINANCES 2016: UN BUDGET ÉLECTORAL!

GMT 02:49 2015 Samedi ,28 Mars

Qahwaji welcomes Indian Military Attaché

GMT 00:23 2015 Mardi ,24 Mars

Tsipras, Merkel urge end 'stereotypes'

GMT 13:13 2014 Samedi ,13 Septembre

Interior design ideas for baby, teen girls’ bedrooms

GMT 20:31 2015 Jeudi ,09 Avril

Wall Street presque stable à l'ouverture

GMT 00:00 -0001 Lundi ,30 Novembre

Boss Bespoke : autopsie d’un sac

GMT 15:42 2015 Mardi ,17 Mars

US housing starts plunge in February

GMT 05:18 2015 Vendredi ,20 Mars

New York celebrates 'Mad Men' end in style
 Lemarocaujourdhui, lemarocaujourdhui Actualités -
 Lemarocaujourdhui, lemarocaujourdhui Actualités -
 
 Lemarocaujourdhui Facebook,lemarocaujourdhui facebook  Lemarocaujourdhui Twitter,lemarocaujourdhui twitter Lemarocaujourdhui Rss,lemarocaujourdhui rss  Lemarocaujourdhui Youtube,lemarocaujourdhui youtube  Lemarocaujourdhui Twitter,lemarocaujourdhui twitter

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2023 ©

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2023 ©

lemarocaujourdhui lemarocaujourdhui lemarocaujourdhui lemarocaujourdhui
lemarocaujourdhui lemarocaujourdhui lemarocaujourdhui
lemarocaujourdhui
بناية النخيل - رأس النبع _ خلف السفارة الفرنسية _بيروت - لبنان
lemarocaujourdhui, Lemarocaujourdhui, Lemarocaujourdhui