Linux vulnerability leaves top sites wide open to attackers, page 1

posted on Aug, 11 2016 @ 06:12 PM

link

A flaw in the Linux operating system lets hackers inject malware into downloads and expose the identities of people using anonymizing software such as Tor

The networking blunder is present in the Linux kernel, the core of its operating system, and can be exploited by malicious actors to determine whether two systems are communicating with each other, and even inject malicious data into or break their connection.

Perhaps most importantly, the intercepting of data doesn’t require a man-in-the-middle attack

Instead, attackers can just send packets of data to the two targets with spoofed credentials

Because Linux runs in the backend on a majority of servers as well as on Android devices, an enormous number of users might be left vulnerable. Even those using the much-vaunted anonymizing software Tor could have their privacy compromised 90 percent of the time

Source

Linux operating systems have been found to have a dangerous vulnerability. I wonder if the various intelligence agencies knew about this, and for how long?

ParadigmMind

posted on Aug, 11 2016 @ 06:18 PM

link

a reply to: trollz

Right . . . if anyone needs me I'll just be over here madly updating every OS I own . . .

Tjoran

posted on Aug, 11 2016 @ 06:27 PM

link

I wonder if this exploit is the reason reddit is down for emergency maintenance, that only happens like, never. Also i wonder if it's linked with the new DNC hacks? (www.abovetopsecret.com...)

TEOTWAWKIAIFF

posted on Aug, 11 2016 @ 06:38 PM

link

a reply to: trollz

The error is not in the kernel itself but in TCP (Transmission Control Protocol) which is a major part of networking computers together.

The exploit can be used for DoS attacks.

stormcell

posted on Aug, 11 2016 @ 06:42 PM

link

Here's when it was first considered and discussed (RFC5961)

tools.ietf.org...
tools.ietf.org...

When two computers communicate through TCP/IP, each have an IP address (eg. 85.13.54.45), a port number. Then packets sent to each other also have sequence numbers so that the correct order can be determined if if they get mixed up while traveling through the Internet. This attack requires that specially constructed packets are sent from a third party to one of the two computers with different sequence numbers until the connection is intercepted.

This concept has been known about since at least September 2009.

grey580

posted on Aug, 11 2016 @ 06:47 PM

link

a reply to: trollz

Title should read.

NSA backdoor into linux is working like planned.

You're welcome.

boncho

posted on Aug, 11 2016 @ 07:09 PM

link

Quick, someone invent a time machine so we can send someone back to 1975 to retrieve a IBM 5100 and bring it back to fix the massive disaster that....(whoops, it hasn't happened yet. Okay, just ignore this for a bit.)

edit on 11-8-2016 by boncho because: (no reason given)

ParadigmMind

posted on Aug, 11 2016 @ 07:19 PM

link

a reply to: boncho

I see what you did there.

verschickter

posted on Aug, 11 2016 @ 07:42 PM

link

a reply to: stormcell
1997

www.citi.umich.edu...

But you´re right... the idea of TCP packet spoofing is nothing new and has been done plenty in the past. This affects kernels since 3.6 that would be mid 2012 if I don´t mess up the dates.

pauljs75

posted on Aug, 15 2016 @ 11:37 AM

link

Now I'm curious who rolled out the code for the TCP part in 2012. Could this exploit have been introduced purposely by one of the code contributors? Something to consider if the prior releases didn't have it.

If the main Linux distros are on top of their game, I suspect this may get patched relatively soon now that it's known about.