How does the FREAK vulnerability affect 1Browser?

saad

This discussion was created from comments split from: 1Password crashes during sync on devices using an Intel processor [Fixed in version 4.2.1].

eltel

Beta sync is also now working on Asus Memo pad. (Am I right in assuming that when logging in to a site directly from 1Password that the stock browser is used which is still vulnerable to "Freak" in Android 4.4.2?)

saad

1Password’s internal browser is built upon the WebView class provided by the Android operating system. This means that the internal browser is affected by any vulnerabilities that affect WebView.

You can check if a browser is affected by the FREAK vulnerability by visiting the following page with it:

https://freakattack.com/clienttest.html

Checking this site using 1Password's internal browser on our test devices shows that it is affected by the FREAK vulnerability on versions of Android prior to 5.0.2. If your device has not received an update that fixes this issue from Google or your device manufacturer, then any applications on your device that make use of Android's WebView class may still be vulnerable.