Study Highlights Serious Security Threat to Many Internet Users (UCR Today)
UCR Today reports thatresearchers at the University of California, Riverside have identified a weakness in the Transmission Control Protocol (TCP) in Linux that enablesattackers to hijack users' internet communications remotely. "TheUCR researchers didn't rely on chance, though. Instead, they identified asubtle flaw (in the form of 'side channels') in the Linux software thatenables attackers to infer the TCP sequence numbers associated with aparticular connection with no more information than the IP address of thecommunicating parties. This means that given any two arbitrary machines onthe internet, a remote blind attacker, without being able to eavesdrop onthe communication, can track users' online activity, terminate connectionswith others and inject false material into their communications."