Hackers hijack entire Web
- added April 19, 2008
- 8 responses
- jcwelker added this
Seeking to make money from mistyped website names, some of the United States' largest ISPs are instead creating gaping security holes in the web's largest websites, including eBay, PayPal, Google and Yahoo.
The ISPs are making it possible for hackers to turn any website into a source of viruses, phishing attacks and other malware.
The massive vulnerability introduced by Earthlink and Comcast was quietly and quickly patched on Friday, after IOActive security researcher Dan Kaminsky reported the vulnerability to Earthlink and its technology partner, a British ad company called Barefruit.
"The entire security of the internet is now dependent on some random-ass server run by some British company," Kaminsky said.
Starting in August 2006, Earthlink changed how it handled the process of turning requests for a domain name such as Youtube.com into the numeric IP address of the site's server, hiring Barefruit to help it make money from this system.
The news of the massive security breach created by ISPs subverting internet protocol for profit comes just two days after the Federal Communications Commission held a hand-wringing public forum at Stanford University over whether it should punish Comcast for its violation of standard internet practices by sending fake packets to its users in order to reduce the amount of bandwidth peer-to-peer applications use.
Kaminsky is demoing the hole publicly on Saturday at the Toorcon security conference in Seattle.
Kaminsky, a well-respected security expert, is perhaps best known for cleverly proving that a spyware rootkit Sony included on music CDs infected computers in more than half a million computer networks in 2005.
The hole was made possible by ISPs subverting the Domain Name System or DNS, which translates website names into numeric addresses.
When users visit a website like Wired.com, the DNS system translates the domain name into an IP address such as http://72.246.49.48. But if a particular site does not exist, the DNS server tells the browser that there's no such listing and a simple error message should be displayed.
But using Barefruit's technology, Earthlink instead intercepts that Non-Existent Domain (NXDOMAIN) response and sends the IP address of Barefruit's ad server as the answer. When the browser visits that page, the user sees a list of suggestions for what site the user might have actually wanted, along with a search box and Yahoo ads.
The rub comes when a user is asking for a nonexistent subdomain of a real website, such as http://webmale.google.com, where the subdomain webmale doesn't exist (unlike, say, mail in mail.google.com). In this case, the Earthlink/Barefruit ads appear in the browser and the title bar indicates that it's the official Google site.
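A resolver that rewrites NXDOMAIN as described above can be spotted by asking it for names that cannot exist and inspecting the raw replies. The following is an added example, not code from the article or from any party named in it: the function names are hypothetical, and the example.* names and 192.0.2.80 are constructed sample values from reserved documentation ranges.

```python
import socket
import struct

NXDOMAIN = 3  # RCODE a faithful resolver returns for a name that does not exist

def make_response(qname, rcode, addr=None):
    """Build a constructed DNS response for sample data (not a capture)."""
    name = b"".join(bytes([len(p)]) + p.encode() for p in qname.split(".")) + b"\x00"
    msg = struct.pack("!HHHHHH", 0x1234, 0x8180 | rcode, 1, 1 if addr else 0, 0, 0)
    msg += name + struct.pack("!HH", 1, 1)  # question: QTYPE=A, QCLASS=IN
    if addr:  # answer: pointer to the question name, A/IN, TTL 60, 4-byte RDATA
        msg += b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton(addr)
    return msg

def skip_name(msg, pos):
    """Return the offset just past a (possibly compressed) domain name."""
    while msg[pos] and msg[pos] & 0xC0 != 0xC0:
        pos += msg[pos] + 1
    return pos + (2 if msg[pos] else 1)  # pointer is 2 bytes, root label is 1

def parse_response(msg):
    """Return (rcode, [IPv4 addresses of A records in the answer section])."""
    _id, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    pos = 12
    for _ in range(qdcount):
        pos = skip_name(msg, pos) + 4  # skip QTYPE and QCLASS
    addrs = []
    for _ in range(ancount):
        pos = skip_name(msg, pos)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[pos + 10:pos + 14]))
        pos += 10 + rdlen
    return flags & 0x000F, addrs

def rewritten_answers(probes):
    """probes: {nonexistent name: raw response}. Returns {address: [names]} for
    addresses answered under >1 parent domain (one parent may be a real wildcard)."""
    seen = {}
    for name, msg in probes.items():
        rcode, addrs = parse_response(msg)
        if rcode != NXDOMAIN:
            for addr in addrs:
                seen.setdefault(addr, []).append(name)
    return {a: n for a, n in seen.items() if len({x.split(".", 1)[1] for x in n}) > 1}

# Constructed sample: one random label under three parents, all answered with 192.0.2.80.
SAMPLE = {n: make_response(n, 0, "192.0.2.80")
          for n in ("qx7f2k.example.com", "qx7f2k.example.net", "qx7f2k.example.org")}
```

In live use the `probes` dictionary would hold the bytes received from the resolver under test for freshly generated random labels; an empty result means every probe came back as NXDOMAIN or was answered under only one parent domain.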
-
The DNS expert quoted in the article just coined my new favorite phrase: "inappropriate monetization." That concept is central to so many problems in our world today. Unfortunately, the only regulation our government seems willing to impose on industry is drafted by the lobbyists from said industries - for the benefit of said industries.
-
If they can make money on it then it's not a bug, it's a feature
-
As long as they don't steal my personal info (which they probably have) then I'll be okay. Man, I wish I was a computer geek, I'd hack into their programs. Whatever happened to the "revenge of the nerds?" Nerd alert!!!!!!!!!!!
-
good pod...good info to know...thanks
-
I think truthfully that there was hacking into various databases and computers ages ago, before the invention of the internet came about; government spies used to hack into the databases on other official computers to gather intel and information about criminal activities and operations, and it also became a tool for ID theft and to combat the safeguarding of sensitive info and documents to prevent them from getting hacked or stolen.
from
frankie smales
(frankie smales movie and tv review uk)
-
I guess that means I need to spell check more often, and double check my typing before I hit enter...I knew there was a reason to learn to spell, I should have paid more attention. LOL
-
that image WIRED chose is great.
looks like the guys (yeah mostly boys, watup apple... not thinking too different there, eh) of the so called 'Genius' bar.
-
clowns
