Language Selection

English French German Italian Portuguese Spanish

Hackers race to expose Cisco Internet flaw

Filed under
Security

Computer hackers worked through the weekend to expose a flaw that could allow an attacker to take control of the Cisco Systems Inc. routers that direct traffic across much of the Internet.

Angered and inspired by Cisco's attempts to suppress news of the flaw earlier in the week, several computer security experts at the Defcon computer-security conference worked past midnight Saturday to discover and map out the vulnerability.

"The reason we're doing this is because someone said you can't," said one hacker, who like the others spoke to Reuters on condition of anonymity.

Cisco's routers direct traffic across at least 60 percent of the Internet and the security hole has dominated a pair of conferences that draw thousands of security researchers, U.S. government employees and teenage troublemakers to Las Vegas each summer.

The hackers said they had no intention of hijacking e-commerce payments, reading private e-mail, or launching any of the other malicious attacks that could be possible by exploiting the flaw.

Rather, they said they wanted to illustrate the need for Cisco customers to update their software to defend against such possibilities. Many Cisco customers have postponed the difficult process because it could require them to unplug entirely from the Internet.

Full Story.

More in Tux Machines

Android Leftovers

Security: Updates, SOS Fund, IR, ME, and WPA

  • Security updates for Friday
  • Seeking SOS Fund Projects
    I’m spending some time over the next few days looking for the next round of projects which might benefit from an SOS Fund security audit.
  • Strong Incident Response Starts with Careful Preparation
    Through working every day with organizations’ incident response (IR) teams, I am confronted with the entire spectrum of operational maturity. However, even in the companies with robust IR functions, the rapidly evolving threat landscape, constantly changing best practices, and surplus of available tools make it easy to overlook important steps during planning. As a result, by the time an incident occurs, it’s too late to improve their foundational procedures.
  • The Intel Management Engine: an attack on computer users' freedom
    Over time, Intel imposed the Management Engine on all Intel computers, removed the ability for computer users and manufacturers to disable it, and extended its control over the computer to nearly 100%. It even has access to the main computer's memory.
  • What Is WPA3, and When Will I Get It On My Wi-Fi?
    WPA2 is a security standard that governs what happens when you connect to a closed Wi-Fi network using a password. WPA2 defines the protocol a router and Wi-Fi client devices use to perform the “handshake” that allows them to securely connect and how they communicate. Unlike the original WPA standard, WPA2 requires implementation of strong AES encryption that is much more difficult to crack. This encryption ensures that a Wi-Fi access point (like a router) and a Wi-Fi client (like a laptop or phone) can communicate wirelessly without their traffic being snooped on.

First Impressions: Asus Tinkerboard and Docker

The board's standard OS is TinkerOS - a Linux variant of Debian 9. I've also read that Android is available but that doesn't interest us here. While Android may use forms of containerisation under the hood it doesn't mix with Docker containers. Rather than trying TinkerOS I flashed Armbian's release of Ubuntu 16.04.03. The stable build on the download page contains a full desktop, but if you want to run the board headless (like I do) then you can find a smaller image on the "other downloads" link. I initially used the stable image but had to swap to the nightly build due to a missing kernel module for Kubernetes networking. Having looked this up on Google I found the nightly build contained the fix to turn on the missing module. Read more

today's howtos