Is Linux TCP security in grave danger or not?

Posted: Tue Aug 09, 2016 10:10 pm
by barbaz
http://phys.org/news/2016-08-highlights-threat-internet-users.html

Is it just me or is that link really ridiculously vague?
I understand the need to leave some things unsaid so as not to inform the script kiddies, but that seems so devoid of detail that I'm not sure whether to believe it or just dismiss it as FUD.

What are they even talking about anyway? I don't know TCP to that level; can someone please elucidate the TCP concepts they refer to?

Re: Is Linux TCP security in grave danger or not?

Posted: Sun Aug 14, 2016 10:45 pm
by Thrawn
Sounds like they found a way to tamper with the routing of TCP by forging packet identifiers. It doesn't break TLS, but it would make it easier for a MITM to mess around with your traffic.

I'm no TCP expert either, though.

Re: Is Linux TCP security in grave danger or not?

Posted: Sun Aug 14, 2016 11:19 pm
by barbaz
Thanks for the clarification. Using that information, I found a better description of the attack: https://nakedsecurity.sophos.com/2016/08/12/researchers-announce-linux-kernel-network-snooping-bug/

Read elsewhere that the upstream kernel will be patched in version 4.7. Don't know if Ubuntu 14.04.1 kernel (3.13.*) is patched against this, but it sounds unlikely to be my problem given how I have set myself up, so, meh.