Internet Security Gap Means E-Mail Is Not Safe
August 13th 2008 05:51
A major Internet security flaw could not only help hackers force users to sites they don’t wish to visit, but also assist them in intercepting e-mail messages. As yet there is no evidence to suggest that the method has been used in a successful attack, but the Internet community is very concerned.
Dan Kaminsky of Seattle-based security consultant IOActive Inc. exposed a giant vulnerability in the Internet's design that, in one case, allowed hackers to reroute some computer users in Texas to a fake Google.com site loaded with automated advertisement-clicking programs, a scam to generate profits for the hackers from those clicks. Similar things also appeared on Technology blogs last month and forced users to shut down their computers and start searching again.
The flaw is not in the website itself but in the back-end programming that guides the site. The vulnerability that Kaminsky discovered is especially dangerous because it allows criminals to tamper with systems whose reliability and trustworthiness are critical for the Internet to function properly.
Kaminsky gave few details publicly about the vulnerability he found in the Domain Name System (DNS), a network of servers used to connect computers to Web sites, on Wednesday at the Black Hat hacker conference in Las Vegas.
He did not release too much information for fear of copy-cat programs, hopefully giving e-mail providers time to update their systems and avoid horrendous problems. Major corporations like Microsoft, Cisco Systems and Sun Microsystems have issued patches to their users to cover the security hole.
"The industry has rallied like we've never seen the industry rally before," Kaminsky said.
Kaminsky's presentation was packed, with people sitting on the floor of the main hall and overflowing out the back doors. In only a few minutes he became one of the Black Hat conference's most anticipated speakers after he announced July 8 that he'd found a major weakness in DNS, a critical part of the Internet's security system.
While some of the information he would present had been leaked or largely guessed, he was able to keep the most insidious tidbits to himself until the presentation. One of the major shocks was that e-mail servers are vulnerable to DNS openings. Kaminsky explained that there is potential for criminals and hackers to become middlemen in the e-mail process, accepting from a source then passing on their own information to a receiver. The result is that, if they so choose, people with access to the contents of your e-mails could also get at your password-protected Web sites.
Most websites have a feature that allows users to re-send a password to their e-mail account. If criminals can get between senders and receivers, they could get access to banking or retail details.
This latest DNS flaw allows hackers to attach “bad” information to packets that flow in and out of DNS servers to change the direction of website navigation. It is something like changing street signs so users don’t quite know where they are going.
Because users are unaware of the back-end programming, when they are taken to a site which is completely different from the one they chose to visit, they have no way of knowing. Servers that don’t handle DNS traffic are especially vulnerable. When they interact with external DNS systems and servers they are very exposed to attack.















