Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Eighty percent of Android devices inherit Linux security flaw

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

August 22, 2016

It was discovered today that a previously identified Linux security flaw which allows anyone to hijack internet traffic also affects about 80 percent of Android devices.

The original security vulnerability involves a critical exploit in the TCP protocol that lets potential hackers obtain unencrypted traffic and degrade it to spy on potential victims.

The security hole, which was presented by researchers from the University of California, Riverside and the United States Army Research Laboratory, creates a mechanism for hackers to spy on supposedly secure communications without running more traditional man-in-the-middle attacks.

The security vulnerability allows a blind off-path attacker to infer if any two arbitrary hosts on the Internet are communicating using a TCP connection.

If the connection is present, such an off-path attacker can also infer the TCP sequence numbers in use, from both sides of the connection. This in turn allows the attacker to cause connection termination and perform data injection attacks.

We illustrate how the attack can be leveraged to disrupt or degrade the privacy guarantees of an anonymity network such as Tor and perform web connection hijacking.

Described as bulletin CVE-2016-5696, the side channel security vulnerability was introduced in a recent TCP specification, which has been “faithfully implemented in Linux kernel version 3.6 from 2012 and beyond”, creating a security issue in the process.

Android’s code base is based on the Linux OS so it has inherited that security flaw. Researchers at mobile security firm Lookout warn that “all Android versions running the Linux Kernel 3.6 are vulnerable to this attack or about 80 percent of the Android ecosystem”.

The security flaw is rather hard to exploit but nonetheless poses a risk, especially when it comes to targeted attacks.

Source: The University of California.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer