2.31%C 7.40 5.37%QQQQ 27.81 2.83%
Digg
Del.icio.us
Newsvine 
Facebook
Stumbleupon
LAS VEGAS - A newly discovered flaw in the Internet's core infrastructure not only permits hackers to force people to visit Web sites they didn't want to, it also allows them to intercept e-mail messages, the researcher who discovered the bug said Wednesday.
1 of 1 
Considering the silent nature of the attack and the sensitive nature of a lot of electronic correspondence, the potential for damage from this second security flaw is high. But there's no evidence yet that this method of targeting e-mail has been used in a successful attack.
Dan Kaminsky of Seattle-based security consultant IOActive Inc. exposed a giant vulnerability in the Internet's design that, in one case, allowed hackers to reroute some computer users in Texas to a fake Google.com site loaded with automated advertisement-clicking programs, a scam to generate profits for the hackers from those clicks.
The flaw wasn't in the site itself, it was in the back-end machines responsible for guiding computers to that site.
The vulnerability Kaminsky found is especially insidious because it allows criminals to tamper with machines whose reliability and trustworthiness is critical for the Internet to function properly.
Kaminsky, who spoke Wednesday at the Black Hat hacker conference in Las Vegas, has given few details publicly about the vulnerability he found in the Domain Name System (DNS), a network of servers used to connect computers to Web sites.
He remained tightlipped so that Internet providers would have time to fix their machines. Many have done that, but others have delayed, leaving some people at risk.
Major vendors like Microsoft Corp., Cisco Systems Inc., Sun Microsystems Inc. and others have issued patches--software tweaks that cover the security hole and prevent affected machines from ingesting the bogus information hackers are trying to feed them.
"The industry has rallied like we've never seen the industry rally before," Kaminsky said.
Kaminsky's talk Wednesday at the conference was packed, with people sitting on the floor of the main speaker's hall and overflowing out the back doors. His presentation instantly became one of the Black Hat conference's most anticipated after he announced July 8 that he'd found a major weakness in DNS, a critical part of the Internet's plumbing.
U.S. stocks were mixed on Thursday after retailers reported mostly disappointing sales while other big-name companies announced layoffs and Europ...
China markets opened lower on Tuesday morning as the investors' confidence hit by the signals that global recession are deepening.
The markets have spoken: risk aversion is still the name of the game and that was obvious since the beginning of the week.
|
Building your business and corporate credit for your small business.
Partners   
|
© 2008 The Ibtimes Company. All Rights Reserved. Terms of service | Privacy Policy | Advertising | About Us | Contact Us | Archives
EMAIL
PRINT
RSS
SHARE
-0.76
0.03
