Computer industry heavyweights are hustling to fix a flaw in the foundation of the Internet that would let hackers control traffic on the World Wide Web.
Major software and hardware makers worked in secret for months to create a software “patch” released on Tuesday to repair the problem, which lies in the way computers are routed to Web page addresses. Automated updating should protect most PCs.
“It’s a very fundamental issue with how the entire addressing scheme of the Internet works,” Securosis analyst Rich Mogul said in a media conference call. “You’d have the Internet, but it wouldn’t be the Internet you expect. [Hackers] would control everything.”
The flaw would be a boon for “phishing” cons that involve leading people to imitation Web pages of businesses such as bank or credit card companies to trick them into disclosing account numbers, passwords and other information.
Attackers could use the vulnerability to route Internet users wherever they wanted no matter what Web site address is typed into a Web browser.
Security researcher Dan Kaminsky of IOActive stumbled upon the Domain Name System (DNS) vulnerability about six months ago and reached out to industry giants including Microsoft, Sun and Cisco to collaborate on a solution.
DNS is used by every computer that links to the Internet and works along the lines of a telephone system routing calls to proper numbers, in this case the online numerical addresses of Web sites.
“People should be concerned but they should not be panicking,” Kaminsky said. “We have bought you as much time as possible to test and apply the patch. Something of this scale has not happened before.”
Kaminsky built a Web page, www.doxpara.com, where people can find out whether their computers have the DNS vulnerability.
Kaminsky was among about 16 researchers from around the world who met in March at Microsoft’s campus in Washington to figure out what to do about the flaw.
“I found it completely by accident,” he said. “I was looking at something that had nothing to do with security. This one issue affected not just Microsoft and Cisco, but everybody.”
A push is on to make sure company networks and Internet service providers make certain their computer servers are impervious to hijackings using the DNS attack.
One of two tropical depressions that formed off Taiwan yesterday morning could turn into a moderate typhoon by the weekend, the Central Weather Administration (CWA) said yesterday. Tropical Depression No. 21 formed at 8am about 1,850km off the southeast coast, CWA forecaster Lee Meng-hsuan (李孟軒) said. The weather system is expected to move northwest as it builds momentum, possibly intensifying this weekend into a typhoon, which would be called Mitag, Lee said. The radius of the storm is expected to reach almost 200km, she said. It is forecast to approach the southeast of Taiwan on Monday next week and pass through the Bashi Channel
WARNING: People in coastal areas need to beware of heavy swells and strong winds, and those in mountainous areas should brace for heavy rain, the CWA said The Central Weather Administration (CWA) yesterday issued sea and land warnings for Typhoon Ragasa, forecasting that it would continue to intensify and affect the nation the most today and tomorrow. People in Hualien and Taitung counties, and mountainous areas in Yilan and Pingtung counties, should brace for damage caused by extremely heavy rain brought by the typhoon’s outer rim, as it was upgraded to a super typhoon yesterday morning, the CWA said. As of 5:30pm yesterday, the storm’s center was about 630km southeast of Oluanpi (鵝鑾鼻), Taiwan’s southernmost tip, moving northwest at 21kph, and its maximum wind speed had reached
The Central Weather Administration (CWA) yesterday said that it expected to issue a sea warning for Typhoon Ragasa this morning and a land warning at night as it approached Taiwan. Ragasa intensified from a tropical storm into a typhoon at 8am yesterday, the CWA said, adding that at 2pm, it was about 1,110km east-southeast of Oluanpi (鵝鑾鼻), Taiwan’s southernmost tip. The typhoon was moving northwest at 13kph, with sustained winds of up to 119kph and gusts reaching 155kph, the CWA Web site showed. Forecaster Liu Pei-teng (劉沛滕) said that Ragasa was projected to strengthen as it neared the Bashi Channel, with its 200km
PUBLIC ANNOUNCEMENTS: Hualien and Taitung counties declared today a typhoon day, while schools and offices in parts of Kaohsiung and Pingtung counties are also to close Typhoon Ragasa was forecast to hit its peak strength and come closest to Taiwan from yesterday afternoon through today, the Central Weather Administration (CWA) said. Taiwan proper could be out of the typhoon’s radius by midday and the sea warning might be lifted tonight, it added. CWA senior weather specialist Wu Wan-hua (伍婉華) said that Ragasa’s radius had reached the Hengchun Peninsula by 11am yesterday and was expected to hit Taitung County and Kaohsiung by yesterday evening. Ragasa was forecast to move to Taiwan’s southern offshore areas last night and to its southwestern offshore areas early today, she added. As of 8pm last night,
RSS