How does the FREAK vulnerability affect 1Browser?

Comments

  • eltel
    eltel
    Community Member

    Beta sync is also now working on Asus Memo pad. (Am I right in assuming that when logging in to a site directly from 1Password that the stock browser is used which is still vulnerable to "Freak" in Android 4.4.2?)

  • 1Password’s internal browser is built upon the WebView class provided by the Android operating system. This means that the internal browser is affected by any vulnerabilities that affect WebView.

    You can check if a browser is affected by the FREAK vulnerability by visiting the following page with it:

    https://freakattack.com/clienttest.html

    Checking this site using 1Password's internal browser on our test devices shows that it is affected by the FREAK vulnerability on versions of Android prior to 5.0.2. If your device has not received an update that fixes this issue from Google or your device manufacturer, then any applications on your device that make use of Android's WebView class may still be vulnerable.

This discussion has been closed.