Newly found online security flaw stems from 1990s

A newly discovered Internet security flaw could leave many websites vulnerable to hackers because of weak US encryption standards in the 1990s, researchers said TuesdayA newly discovered Internet security flaw could leave many websites vulnerable to hackers because of weak US encryption standards in the 1990s, researchers said Tuesday. The flaw was discovered by a team led by Karthikeyan Bhargavan at INRIA in Paris — the French Institute for Research in Computer Science and Automation — and disclosure coordinated by Matthew Green, a cryptographer at Johns Hopkins University. Green said in a blog post that even some sites maintained by the National Security Agency and FBI appeared to be vulnerable. “Since the NSA was the organization that demanded export-grade crypto, it’s only fitting that they should be the first site affected by this vulnerability,” Green said.

Share this article