Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
UPDATED throughout 12:45 pm Thursday (March 5) with new browser vulnerability results.
The FREAK flaw in Web encryption disclosed Monday (March 2) is serious, yet affects only some browsers on some platforms. Here's how to tell whether you're affected, and what you can do about it.
University of Michigan researchers have put up a website, https://freakattack.com/, that tells you whether a browser is vulnerable and offers additional information about the attack.
MORE: FREAK Flaw Threatens Android, iOS Devices Worldwide
FREAK, an acronym for Factoring attack on RSA-EXPORT Keys, undermines the security of encrypted Web connections, designated by the "https" prefix or a padlock icon in a website address. (Unencrypted "http" connections are not affected, but were never secure to begin with.) An attacker could use the flaw to intercept an online banking or retail session and gain access to the victim's account or credit cards.
Google is patching Chrome on OS X against the FREAK flaw today (March 4), and Apple promises a fix for Safari on iOS and OS X for next week.
Vulnerable browsers
The following Web browsers are vulnerable to FREAK, according to our tests using freakattack.com:
- Safari and Opera on OS X (older versions of Chrome are vulnerable as well)
- Chrome, Dolphin, Opera and (reportedly) the stock browser on Android
- Safari, Dolphin and Opera Mini on iOS
- Internet Explorer on Windows (added Thursday after the Freak Attack website adjusted its methods)
- Opera on Linux (per the Freak Attack website)
- BlackBerry browser (per the Freak Attack website)
Safe browsers
The following Web browsers are safe from FREAK, according to our tests:
- Chrome, Firefox, Internet Explorer and Opera on Windows
- Firefox on OS X (Chrome 41, pushed out Wednesday, is also immune)
- Firefox on Android
- Chrome on iOS
For now, assume that all browsers in Windows are immune. We've seen reports that all browsers in desktop Linux may also be immune, but we haven't been able to confirm that yet.
What to do about FREAK
Here's what you need to do now to protect yourself from FREAK attacks:
Windows:No worries — you're safe. Use Chrome, Firefox or Opera.
Mac OS X: Use Firefox, or force an update to Chrome 41 by going to "About Google Chrome" under the Chrome menu in the top left of the screen.
iOS: Until Apple pushes out a patch, use the Chrome browser.
Android: Use the Firefox browser. Google has a patch ready for Chrome, but it's up to device makers and wireless carriers to push it out to most Android users.
Linux:You're probably safe. Use a browser other than Opera.
- Can You Hide Anything from the NSA?
- Best Antivirus Software for Mac
- How to Keep Your Smartphone or Tablet Secure
Paul Wagenseil is a senior editor at Tom's Guide focused on security and gaming. Follow him at @snd_wagenseil. Follow Tom's Guide at @tomsguide, on Facebook and on Google+.
