Skip to main content

Big holes in net's heart revealed

Simple attacks could let malicious hackers take over more than one-third of the net's sites, reveals research.

The finding was uncovered by researchers who analysed how the net's addressing system works.

They also found that if the simple attacks were combined with so-called denial-of-service attacks, 85% of the net becomes vulnerable to take-over.

The researchers recommended big changes to the net's addressing system to tackle the vulnerability at its heart.

Site seizing

When you visit a website, such as news.bbc.co.uk, your computer often asks one of the net's address books, or domain name servers, for information about where that site resides.

But the number of computers that have to be consulted to find the computers where that site is located often makes sites vulnerable to attack by vandals and criminals, found Assistant Professor Emin Gun Sirer and Venugopalan Ramasubramanian from the Department of Computer Science at Cornell University.

Professor Sirer told the BBC News website that, on average, 46 computers holding different information about the components of net addresses are consulted to find out where each dotcom site is actually hosted.

But, he said, this chain of dependencies between the computers that look after the different parts of net addresses creates all kinds of vulnerabilities that clever hackers could easily exploit.

"The growth of the internet has caused these dependencies to emerge," said Professor Sirer. "Instead of having to compromise one you can compromise any one of the three dozen."

All the information gathered and analysed by the researchers has to be publicly available to keep the net's addressing system working. The research analysed information about almost 600,000 computers.

The research also revealed that 17% of the servers that host the net's address books are vulnerable to attack via widely known exploits.

Comments

Popular posts from this blog

Does light have mass?

The short answer is "no", but it is a qualified "no" because there are odd ways of interpreting the question which could justify the answer "yes". Light is composed of photons so we could ask if the photon has mass. The answer is then definitely "no": The photon is a massless particle. According to theory it has energy and momentum but no mass and this is confirmed by experiment to within strict limits. Even before it was known that light is composed of photons it was known that light carries momentum and will exert a pressure on a surface. This is not evidence that it has mass since momentum can exist without mass. [ For details see the Physics FAQ article What is the mass of the photon? ]. Sometimes people like to say that the photon does have mass because a photon has energy E = hf where h is Planck's constant and f is the frequency of the photon. Energy, they say, is equivalent to mass according to Einstein's famous formula E = m

Play against Xbox360 gamer on PC in Vista

Microsoft Corp. co-founder Bill Gates on Tuesday announced a cross-platform gaming service that integrates games played on cell phones, Xbox 360 consoles and the upcoming Windows Vista operating system. The "Live Anywhere" service will be available as part of Windows Vista, Microsoft's next-generation PC operating system. The consumer version is scheduled for release early next year. "It means that you have one online community," Gates said in a news conference. "This platform can really unleash developers to do amazing new things." The system would extend the company's existing Xbox Live service for the Xbox 360 console into millions of Internet-enabled PCs and cellular phones. No pricing information on the new service was announced. In recent months, Microsoft has been pushing a number of online services that it hopes will boost revenue as markets for its traditional software become increasingly saturated. The company expects to make money off s

Hackers biting Apple

Hackers are increasingly focusing on Apple's Mac OS X, and the number of newly discovered vulnerabilities has surged. Such a switch could mean big implications for Apple's user base, which has traditionally not had to concern itself too much over security. It's been an impressively quiet year so far on the PC virus and worm front, and hackers seem to be focusing their attention elsewhere. One such area is Apple's Mac OS X. Once mostly ignored by malware developers, there appears to be a growing interest in this "alternative" OS. Details Have you noticed the dearth of serious PC virus and worm threats out there lately? Well, it isn't a figment of your imagination -- according to vnunet.com, viruses are no longer the top security threat . While serious attacks are still likely to emerge, the bottom has apparently fallen out of the PC antivirus market -- just as Microsoft begins a big push into the security market. One cause of this drop-off is solidif