[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help] 

Status: Not Logged In; Sign In

10 Things You MISSED About Trump's Assassin

In "Major Policy Shift" Biden Authorizes Ukraine's Use Of US Missiles To Hit Targets Inside Russia

MSG ERUPTS Into USA Chants As Trump PULLS UP With Elon Musk And THE AVENGERS To UFC 309!

Preschool teacher-turned-soldier brings down Russian missile with Igla system

Sunday Morning Futures With Maria Bartiromo 11/17/24 | BREAKING FOX NEWS November 17, 2024

Sadhguru's Message to America After Donald Trump's Election Victory

U.S. states are passing internet age verification laws as a cover to compel people into using digital IDs

US Train trackss creak with ago se we build a new line in Peru!!

EVIDENCE OF A ZIONIST MAFIA ₪ HOW ISRAEL CONTROLS THE US AND GLOBAL POLITICS

Women Have Been RADICALIZED, Men HAVE NOT, Data Proves Women Are Becoming MORE EXTREME Politically

Democrat Congressman Dan Goldman Has Worst Case of TDS Yet?

It Is Called 18 U.S.Code 242

Boebert Asks Witnesses If DoD Is Creating ‘Hybrids’ Of Human & Non-Human Genetics

IRAN EXPANDS "NOTAM" TO FOUR ADDITIONAL ZONES - Retaliation Against Israel?

East Coast's Largest Grocer Hit by Cyber Attack: Ahold Delhaize Operations Halted

Sen. Mike Lee Has an Excellent Idea to Stop Democrat Bob Casey From Stealing Pennsylvania’s Senate Race

Left-wing dark money network hauled in more than $1.3B in anonymous donations for liberal causes in 2023

Kennedy to use DOJ investigate and punish collusion between Big Pharma and medical boards /medical journals

Bessent Vs. Lutnick: Musk & RFK Push For Pro-Crypto Treasury Secretary While Bass Backs Rumored Favorite

CNN’s Dana Bash slams anti-Israel protester who confronted her at synagogue: ‘No shame, no decency, and no clue’

Biden's Cabinet Nominees Were Completely Unqualified Compared To Trump's

Elon Musk's X Corp. files notice in Alex Jones' Infowars bankruptcy case

Pilot Fired by Biden. Hired ny Trump.

Blacks have to be defined more than as victims of oppression

No, We Will Not Honor Your Delusions! – Young Conservative

Israeli Troops Reach Deepest Point In Lebanon Since Ground Op Began

Elon Musk Met With Iran's UN Ambassador

Schumer Moves to Silence Criticism of Israel as Hate Speech With 'Antisemitism Awareness Act'

Historic English town that inspired Charles Dickens’ best stories

RFK Jr drives pharma to 15-year low


Science/Tech
See other Science/Tech Articles

Title: Linux vulnerability leaves top sites wide open to attackers
Source: [None]
URL Source: https://www.rt.com/usa/355558-linux-vulnerability-websites-attacks/
Published: Aug 12, 2016
Author: © Beck Diefenbach / Reuters
Post Date: 2016-08-12 02:50:46 by Tatarewicz
Keywords: None
Views: 1397
Comments: 1

RT... A flaw in the Linux operating system lets hackers inject malware into downloads and expose the identities of people using anonymizing software such as Tor – even for those who aren’t using Linux directly.

In a Wednesday presentation at the USENIX Security Symposium in Austin, Texas, researchers with the University of California, Riverside showed that the flaw lies in the Transmission Control Protocol (TCP) used by Linux since late 2012.

READ MORE: US officials covered up China hack of FDIC computers – House report

The networking blunder is present in the Linux kernel, the core of its operating system, and can be exploited by malicious actors to determine whether two systems are communicating with each other, and even inject malicious data into or break their connection.

At the symposium, the researchers demonstrated the exploit by injecting code into a live USA Today page that asks visitors to enter their emails and passwords, which was possible because pages on USA Today aren’t encrypted.

Perhaps most importantly, the intercepting of data doesn’t require a man-in-the-middle attack, where a connection will covertly intercept, collect and pass forward information between two parties. Instead, attackers can just send packets of data to the two targets with spoofed credentials.

“Through extensive experimentation, we demonstrate that the attack is extremely effective and reliable. Given any two arbitrary hosts, it takes only 10 seconds to successfully infer whether they are communicating,” the team wrote in a white paper. “If there is a connection, subsequently, it takes also only tens of seconds to infer the TCP sequence numbers used on the connection. To demonstrate the impact, we perform case studies on a wide range of applications.”

Linux flaw puts millions of PCs, Android smart devices at riskt.co/AiOHutMjfYpic.twitter.com/8Zv92p9OYD — RT America (@RT_America) January 20, 2016

Because Linux runs in the backend on a majority of servers as well as on Android devices, an enormous number of users might be left vulnerable. Even those using the much-vaunted anonymizing software Tor could have their privacy compromised 90 percent of the time in an average time of about 50 seconds.

"In general, we believe that a [denial-of-service or] DoS attack against Tor connections can have a devastating impact on both the availability of the service as a whole and the privacy guarantees that it can provide," the researchers said.

The team notes that because only version 3.6 or later of the Linux kernel has the flaw, systems running older software are not affected. They distributed a patch to fix the vulnerability, but they note a large number of individuals and networks will still be left exposed to miscreants, since the exploit only requires one unpatched party for the attack to work.

Post Comment   Private Reply   Ignore Thread  


TopPage UpFull ThreadPage DownBottom/Latest

#1. To: Tatarewicz (#0)

I won't say this makes me feel great about never having switched to Linux, but it makes me feel kinda great about it....... How vicious people are.

This is just a case of human error, right -- they're not saying anybody's sabotaging the program?

_____________________________________________________________

“We build but to tear down. Most of our work and resource is squandered. Our onward march is marked by devastation. Everywhere there is an appalling loss of time, effort and life. A cheerless view, but true.” - Tesla per FP

NeoconsNailed  posted on  2016-08-12   6:25:56 ET  Reply   Trace   Private Reply  


TopPage UpFull ThreadPage DownBottom/Latest


[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help]