[Ach] FREAK Attack

Raoul Bhatia raoul at bhatia.at
Wed Mar 4 15:18:32 CET 2015


On 2015-03-03 23:53, Aaron Zauner wrote:
> Hi,
> 
> It seems one of the OpenSSL CVEs from the 8th of jan. got a nice
> catchy name for itself now as well: https://freakattack.com/
> 
> For people that do not follow OpenSSL advisorys closely, TL;DR:
> If you're using an unpatched OpenSSL version or have a cipherstring
> that allows for RSA_EXPORT you really should be updating by now.

Do I correctly conclude that
I am safe if I have followed the ACH guide?

Thanks,
Raoul
-- 
DI (FH) Raoul Bhatia M.Sc.     |   E-Mail.  raoul at bhatia.at
Software Development and       |   Web.     http://raoul.bhatia.at/
System Administration          |   Tel.     +43 699 10132530



More information about the Ach mailing list