There’s no evidence any hackers have exploited the weakness, which companies are working to repair. Researchers who reported the problem this week blamed an old government policy, abandoned several years ago, which required U.S. software-makers to use weaker security in encryption programs sold overseas.
Many popular websites and some Internet browsers can still be tricked into accepting the weaker software. That could make it easier for hackers to break encryption that’s supposed to prevent digital eavesdropping when a visitor types sensitive information into a website.
Apple and Google are said to be distributing software updates to address the flaw. (Brandon Bailey, AP)