D.R.O.W.N short for “Decrypting RSA with Obsolete and Weakened Encryption” yet another HTTPS vulnerability again calls into question how long kneecapped HTTPS and deliberately weak encryption will be able to keep us safe from the seemingly unending string of hacks. The researchers behind the project said, "Our results illustrate, like FREAK and Logjam, the continued harm that a legacy of deliberately weakened export-grade cryptography inflicts on the security of modern systems, even decades after the regulations influencing the original design were lifted". Government tampering in encryption and the drive to keep encryption weak or back-doored for easy government snooping leaves end users vulnerable to attack from hackers. The government’s capabilities to fight terrorism are not hindered by encryption only by their own stupidity and outmoded investigatory tactics.
3 Likes