Wednesday, March 4, 2015

Computer security freaks

The meaning of the word ‘freak’ has changed over time. ‘Freak’ means something strange or unusual. This is why it has been associated with the circus world for centuries. Freak shows arose in England in the seventeenth century. They used to take place in the street, in the largest squares, entertaining people by showing individuals with grotesque, unique qualities.

After several centuries, the whole alternative culture led by artists such as David Bowie or Roxy Music was considered ‘freak’ in contrast with more traditional rock. But the word now has a new meaning: it is the name given to a new vulnerability in the encryption protocol used in secure communications by Safari and Android's default browser. FREAK (Factoring attack on RSA-EXPORT Keys) allows a cybercriminal to force the use of 512-bit encryption keys instead of the 2048-bit ones established by the rules. It is a way to simplify access to the encrypted content.
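A server can only be pushed down to export-grade RSA keys if it still accepts RSA export cipher suites, so a defender can audit the list of suites a server offers. The Python below is an added example, not part of the original post; the function names and the sample suite list are constructed for illustration.

```python
import re

# Constructed sample: suite names as a TLS scanner might list them for one
# server, mixing OpenSSL-style and IANA-style naming. Not from the original post.
SAMPLE_OFFERED = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "AES128-SHA",
    "EXP-RC4-MD5",
    "EXP-DES-CBC-SHA",
    "EXP-EDH-RSA-DES-CBC-SHA",
    "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
]

# OpenSSL-style export names start with "EXP"; when no key-exchange token
# follows the prefix, the suite uses RSA key exchange.
_OPENSSL_EXPORT = re.compile(r"^EXP\d*-(.*)$")
_OPENSSL_NON_RSA_KX = ("EDH-", "DHE-", "ADH-", "DH-", "KRB5-")


def classify_suite(name):
    """Return 'rsa_export', 'other_export' or 'ok' for one cipher suite name."""
    n = name.strip().upper()
    if n.startswith(("TLS_", "SSL_")):
        if "_EXPORT" not in n:
            return "ok"
        # IANA style: the key exchange is the token right after the prefix.
        return "rsa_export" if re.match(r"^(TLS|SSL)_RSA_EXPORT", n) else "other_export"
    m = _OPENSSL_EXPORT.match(n)
    if not m:
        return "ok"
    return "other_export" if m.group(1).startswith(_OPENSSL_NON_RSA_KX) else "rsa_export"


def audit(offered):
    """Group offered suites; the server-side FREAK fix is an empty 'rsa_export' group."""
    report = {"rsa_export": [], "other_export": [], "ok": []}
    for suite in offered:
        report[classify_suite(suite)].append(suite)
    return report


if __name__ == "__main__":
    for group, suites in audit(SAMPLE_OFFERED).items():
        print(f"{group}: {', '.join(suites) or '-'}")
```

Any suite reported under `rsa_export` should be removed from the server configuration; the `other_export` group is equally weak and worth disabling at the same time.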

FREAK techniques could allow an attacker to control a website’s directory and perform malicious campaigns, as happened to a Colombian gym whose website was used by cybercriminals to host a scam. They took users from there to a fake PayPal website where, of course, they stole users’ personal details.

But it could be even worse. There is evidence that the air traffic control system is vulnerable to external attacks that could jeopardize sensitive data from internal operations, as well as access to the control, audit and monitoring of all processes. The FAA has already warned of this situation and released a guide to mitigate it and to secure all the systems involved in this type of command center.

In the end, anything out of the ordinary can be considered ‘freak.’ For example, the virus specifically designed to bypass the poor protections of antivirus software in 1993 could be seen as freak as well. It was not the first malicious software, but it may be the forefather of APT (Advanced Persistent Threat) techniques.

Well, we hope that soon those who don’t take the time to protect their digital communications will be the ones considered freaks, because carelessness will be the strange, odd, or even grotesque thing.

