Linux flaw allows hackers to hijack your internet communications - unpatched since 2012! | |
Anonymous Coward User ID: 72798048 India 08/19/2016 07:27 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 40854418 United States 08/19/2016 07:28 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 72798048 India 08/19/2016 07:28 PM Report Abusive Post Report Copyright Violation | [link to ucrtoday.ucr.edu (secure)] Quoting: Holy cow 72796598 Researchers at the University of California, Riverside have identified a weakness in the Transmission Control Protocol (TCP) of all Linux operating systems since late 2012 that enables attackers to hijack users' internet communications remotely. Such a weakness could be used to launch targeted attacks that track users' online activity, forcibly terminate a communication, hijack a conversation between hosts or degrade the privacy guarantee by anonymity networks such as Tor. The UCR researchers ... identified a subtle flaw (in the form of 'side channels') in the Linux software that enables attackers to infer the TCP sequence numbers associated with a particular connection with no more information than the IP address of the communicating parties. Affects Android too! Unpatched since 2012! Linux is safe, don't worry about security, they said! The researchers have a short video demonstrating the attack : [link to www.youtube.com (secure)] I'm beginning to think that the ultimate answer to avoiding all of this spying bullshit is fpr people to simply discard all personal computers and smart phones, and just use landlines. If you need to use a computer, go to an Internet cafe. If you need to do banking, visit the local branch. A better idea would be to keep two computers , one without internet and one with internet .. no internet no hacking, unless someone is physically going to plant something in your machine !! Not all of us use personal computers just for the internet and microsoft word .. |
The Comedian :D
User ID: 48223816 United States 08/19/2016 07:31 PM Report Abusive Post Report Copyright Violation | ...and fuck windows and fuck anyone promoting that shitbox of an OS. Windows hasn't been an OS since 7. It's now malware that people pay to install. Saint Comedian, Patron Saint of Bringing the Butthurt to Dipshits ‘There are some assholes in the world that just need to be shot.’ - General Mattis, USMC, Secretary of Defense [link to www.godlikeproductions.com] "Subterfuge and social pressure are the wheel and fire of the 21st century" - Some asshole Legal Disclaimer: All comments are intended as humor and/or fiction and not advice, and not to be confused with any event or person, living or dead. |
Anonymous Coward User ID: 72804421 United States 08/19/2016 07:35 PM Report Abusive Post Report Copyright Violation | Well, good news is now this will be patched in short order - if not already by the time you read this post. Windows users foaming at the mouth about this are engaged in meaningless mental masturbation. Enjoy your swiss cheese. |
Anonymous Coward User ID: 72821426 Finland 08/19/2016 07:47 PM Report Abusive Post Report Copyright Violation | Well, good news is now this will be patched in short order - if not already by the time you read this post. Quoting: Anonymous Coward 72804421 Windows users foaming at the mouth about this are engaged in meaningless mental masturbation. Enjoy your swiss cheese. I think it was patched about 3 weeks ago. |
Anonymous Coward User ID: 72804421 United States 08/19/2016 07:55 PM Report Abusive Post Report Copyright Violation | Well, good news is now this will be patched in short order - if not already by the time you read this post. Quoting: Anonymous Coward 72804421 Windows users foaming at the mouth about this are engaged in meaningless mental masturbation. Enjoy your swiss cheese. I think it was patched about 3 weeks ago. Thanks :D |
Anonymous Coward User ID: 72826383 Ireland 08/20/2016 03:41 AM Report Abusive Post Report Copyright Violation | [link to ucrtoday.ucr.edu (secure)] Quoting: Holy cow 72796598 Researchers at the University of California, Riverside have identified a weakness in the Transmission Control Protocol (TCP) of all Linux operating systems since late 2012 that enables attackers to hijack users' internet communications remotely. Such a weakness could be used to launch targeted attacks that track users' online activity, forcibly terminate a communication, hijack a conversation between hosts or degrade the privacy guarantee by anonymity networks such as Tor. The UCR researchers ... identified a subtle flaw (in the form of 'side channels') in the Linux software that enables attackers to infer the TCP sequence numbers associated with a particular connection with no more information than the IP address of the communicating parties. Affects Android too! Unpatched since 2012! Linux is safe, don't worry about security, they said! The researchers have a short video demonstrating the attack : [link to www.youtube.com (secure)] Uhm , linux is fully open source, how did someone miss the fucked coding? with all the programmers working on the kernel and different distros, i find this fucking unreal, just when you think your safe using linux....... linux != security |
Sleeping One User ID: 72845165 Belgium 08/23/2016 07:26 AM Report Abusive Post Report Copyright Violation | edit /etc/syscrl.conf insert a line net.ipv4.tcp_challenge_ack_limit = 999999999 save it run sudo sysctl-p to update the configuration. see not the end of the world and you dont't have to wait for a patch. but dunno about android phones. This solution is only for Ubuntu AFAIK. That Chinese researcher (Zhian ?) must have other methods for other Linux distros. |
Anonymous Coward User ID: 72845112 Australia 08/23/2016 07:52 AM Report Abusive Post Report Copyright Violation | Android users will be the hardest hit by this, no updates for older phones. In the bin they go. Quoting: Anonymous Coward 72748728 Desktop linux systems will just update to the latest kernel. Rubbish, Android users can just update the kernel as well but they have to do it themselves. Just like desktop users! I bet iOS users are the last to get patched and then Apple shall fuck it up as usual.. |
Anonymous Coward User ID: 72845112 Australia 08/23/2016 07:54 AM Report Abusive Post Report Copyright Violation | |
Sleeping One User ID: 72910962 Belgium 09/02/2016 06:38 PM Report Abusive Post Report Copyright Violation | The part I put in bold previously made you sound like a Windows user trying to bash (no pun intended) Linux because of a vulnerability. Quoting: Anonymous Coward 72784901 I am a Windows user and I am bashing Linux because it's laughable that this vulnerability has been unpatched since 2012. "Linux is secure" they said. Okay dear Windoze user, let's compare. Windows XP, was released on August 24, 2001. Security flaws that affect all versions ox XP were still being found and fixed right up until extended support ended on April 8, 2014. That means certain vulnerabilities were just sitting there for over 12 years!!!!! Of course support for XP has ended, so no more fixes coming down the pipe, but, many of the vulnerabilities found (and fixed) in later windows versions are also present in XP, to be ignored forever by Microsoft. So I guess 4 years for a Linux bug isn't so bad, not to mention that the fix will be back-ported to all affected Linux versions. Enjoy your Windoze, it's good for you! Your post makes a lot of sense, but comparing Windows with Linux is not the point. Linux was supposed to be secure while Windows is not, they always were telling you this when you were hesitating : that's the point ! And now proof has been given it is NOT ! |