Apple and Google are preparing patches for a newly-revealed bug in the web encryption protocols used by the two companies' mobile browsers.
The FREAK bug disclosed yesterday is the latest in a series of vulnerabilities affecting the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols used to encrypt traffic between an HTTPS website and a browser.
A man-in-the-middle attacker can force connections between affected browsers and websites to downgrade from 'strong' RSA encryption to a weaker version known as 'export grade' RSA. That weaker version is a by-product of laws from the 1990s that made it illegal to export from the US products with strong cryptography.
Thousands of sites are vulnerable, including that of the US National Security Agency - the same agency that pushed for weaker export grade encryption, according to Ed Felten, director of Princeton's Center for Information Technology Policy.
"There is an important lesson here about the consequences of crypto policy decisions: the NSA's actions in the '90s to weaken exportable cryptography boomeranged on the agency, undermining the security of its own site twenty years later," Felten wrote on his blog yesterday.
The bug affects SSL/TLS servers and clients, in particular OpenSSL browsers, such as the Android browser that shipped with all Android devices before version 4.4 KitKat, according to the researchers at INRIA in Paris who discovered the flaw. KitKat, which shipped with Chrome as the default, currently accounts for about 40 percent of all Android devices, but that still means the bulk of Android devices are affected.
Apple's Safari browser on desktop systems and mobile devices is also affected. However, Chrome is not affected and nor are Internet Explorer and Firefox.
A patch for Android users is likely to take a longer time to arrive. Google told Reuters it had provided a fix to its Android partners such as handset makers and carriers, however it's not clear if or when those partners will push the patch to end-users.
Google had not responded to request for comment at the time of publication.
Update: Tests for latest version of Chrome at FREAKattack.com's client checker for the bug indicate that Chrome for Android (version 40.0.2214.109) and Chrome for Mac OS X (40.0.2214.115) are vulnerable, even though they don't offer export-grade RSA.
Read more on this story