Your new post is loading...
Some days you can't win for losing. In 2012, Linux implemented a new TCP/IP networking standard, RFC 5961, Improving TCP's Robustness to Blind In-Window Attacks, to improve security. In the process, they opened up a heretofore unknown security hole. Ironically, other operating systems that lagged in implementing this new "security" mechanism -- such as FreeBSD, macOS, and Windows -- are immune to this new attack vector.
This is potentially a big deal because it can be used to break, or even hijack, Internet connections between Linux and Android systems. So, for example, if an Android smartphone connected to USA Today, the connection could be interrupted. The same attack, however, would fail if it were made on a link between a Windows PC and USA Today.
The problem exists in any operating system running Linux kernel 3.6 or newer. Linux 3.6 was introduced in 2012. The vulnerability allows an attacker from anywhere on the Internet to search for connections between a client and a server. Once such a network connection is found, the attacker can invade it, cause connection termination, and perform data injection attacks.
How bad is it? The discoverers say that the attack is fast and reliable, takes less than a minute, and works about 90 percent of the time.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
This is potentially a big deal because it can be used to break, or even hijack, Internet connections between Linux and Android systems. So, for example, if an Android smartphone connected to USA Today, the connection could be interrupted. The same attack, however, would fail if it were made on a link between a Windows PC and USA Today.
The problem exists in any operating system running Linux kernel 3.6 or newer. Linux 3.6 was introduced in 2012. The vulnerability allows an attacker from anywhere on the Internet to search for connections between a client and a server. Once such a network connection is found, the attacker can invade it, cause connection termination, and perform data injection attacks.
How bad is it? The discoverers say that the attack is fast and reliable, takes less than a minute, and works about 90 percent of the time.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux