Leave a comment

Huge OS flaw makes surfing the web a serious risk

Huge OS flaw makes surfing the web a serious risk

Most of us probably don't realize it but there's one operating system out there that's more dominant than Windows, iOS or OS X.

It currently powers supercomputers, servers, smartphones, smart TVs, cars, spaceships, entertainment systems, and pocket computers. You name it, this system is probably involved with it one way or another. It is so well adopted that it totally surrounds us.

Of course, we are talking about Linux, the free and open-sourced computer operating system. It is the system Android is based on and it is now the go-to software for business mainframes, and more importantly, web servers.

This makes potential Linux flaws and bugs critical to the security and safety of users everywhere, regardless of operating system allegiances, since a huge chunk of the internet runs on Linux.

One such Linux flaw was discovered recently and it could have dire consequences if it's not addressed properly.

Security researchers from the University of California at Riverside and the US Army Research Laboratory found a serious vulnerability in how Linux systems communicate with internet traffic. The flaw involves Transmission Control Protocol (TCP) connections, the language that facilitates all internet communication.

The flaw is said to allow attackers to intercept and hijack web traffic, inject malicious code to unsuspecting clients, perform denial-of-service attacks, and even disrupt and crash encrypted internet communications.

Ironically, the vulnerability is caused by a Linux internet standard that was implemented to protect systems from hackers. The standard named Request for Comments: 5961 (RFC 5961) was introduced to the Linux kernel in 2012 and it is supposed to improve TCP security and protect against blind in-window attacks.

Internet communication between server and client relies on TCP data packets that are identified by a specific numerical sequence. The idea is that since there are 4 billion possible sequences, it will be difficult to identify which packets belong to whom and where they're headed.

But now, with this newly revealed flaw, security researchers say that an attacker could infer the exact numerical sequence of a specific connection just by knowing the IP addresses of server and client.

This means attackers could just monitor traffic remotely, spoof a web server IP address, exploit the flaw to get the TCP packet number sequence, then inject whatever they want to the TCP data packet stream.

They demonstrated how quick and easy this attack could be implemented with a proof-of-concept video that showed how they intercepted unencrypted traffic from the actual USA Today website and injected their own content.

The researchers say that accurately guessing the TCP sequence numbers only takes 10 seconds and a complete attack could be accomplished in under a minute. Their success rate is 88 to 97 percent.

Although patches and updates for the vulnerability have already been issued to the current Linux kernel, Android devices, smart TVs, smart appliances, and other Linux systems are still vulnerable.

The good news is that RFC 5961 is also not fully deployed on Windows or OS X yet, so these operating systems are believed to be safe for now, but this is unclear at this point.

Next Story
Source: Cio
View Comments ()
Eye-opening proof that online spying can happen to YOU
Previous Happening Now

Eye-opening proof that online spying can happen to YOU

New OS update makes thousands of smartphones obsolete
Next Happening Now

New OS update makes thousands of smartphones obsolete