Language Selection

English French German Italian Portuguese Spanish

Hackers race to expose Cisco Internet flaw

Filed under
Security

Computer hackers worked through the weekend to expose a flaw that could allow an attacker to take control of the Cisco Systems Inc. routers that direct traffic across much of the Internet.

Angered and inspired by Cisco's attempts to suppress news of the flaw earlier in the week, several computer security experts at the Defcon computer-security conference worked past midnight Saturday to discover and map out the vulnerability.

"The reason we're doing this is because someone said you can't," said one hacker, who like the others spoke to Reuters on condition of anonymity.

Cisco's routers direct traffic across at least 60 percent of the Internet and the security hole has dominated a pair of conferences that draw thousands of security researchers, U.S. government employees and teenage troublemakers to Las Vegas each summer.

The hackers said they had no intention of hijacking e-commerce payments, reading private e-mail, or launching any of the other malicious attacks that could be possible by exploiting the flaw.

Rather, they said they wanted to illustrate the need for Cisco customers to update their software to defend against such possibilities. Many Cisco customers have postponed the difficult process because it could require them to unplug entirely from the Internet.

Full Story.

More in Tux Machines

Ubuntu 14.10 (Utopic Unicorn) Enters Final Beta Freeze

"As of nowish, the archive is frozen for 14.10 Final Beta preparation, and will continue to be frozen from here until Final release next month. As with the previous release, we have a bot in place that will accept uploads that are unseeded and don't affect images. Don't take this as an open invitation to break Feature Freeze on those components, this is just to reduce the burden on the release team, so we only review the uploads that need very serious consideration," notes Canonical's Adam Conrad. Read more

Second Bugfix Release for KDE Plasma 5 Arrives with Lots of Changes

"This release, versioned plasma-5.0.2, adds a month's worth of new translations and fixes from KDE's contributors. The bugfixes are typically small but important such as fixing text which couldn't be translated, using the correct icons and fixing overlapping files with KDELibs 4 software. It also adds a month's hard work of translations to make support in other languages even more complete," reads the announcement. Read more

Qt 5.4 Will Support Applications Under A Wayland Compositor

The QtWayland support for Qt 5.4 is considered a technical preview with support of QWidget-based apps being less than ideal, the QtCompositor API in QtWayland not seeing a release for Qt 5.4, and other work still needs to be pursued. The QtCompositor API for the QtWayland module is what's needed for those out there wishing to write their own Wayland compositors using Qt. Qt's support for XDG-Shell is also less than complete and there's also not any official sub-surface protocol support for QtWayland. Read more

Run anywhere again: Java hooks up with Docker

Applications can more easily be redeployed on servers or made available on public clouds using Docker. "You configure it once, and once it's configured, it's very easy to [roll it out] in multiple places," Azul President/CEO Scott Sellers said in an interview. Although others have offered Java via Docker, Azul says its open source Zulu JVM is the first Docker-based Java offering to be officially certified as Java-compliant and fully supported. "This is really needed in order for enterprises to deploy Java on Docker in real production environments," Sellers said. Read more