Security Threat in Linux Systems

Here’s an important update: a new study shows a serious security threat to many Internet users, as communications involving Linux systems can be compromised remotely, easily and quickly.

There is a serious weakness in the Transmission Control Protocol, or TCP, of all Linux operating systems that enables hackers to hijack users’ internet communications from anywhere. Here’s how: Linux (and other operating systems) uses TCP to package and send data, and the Internet Protocol (IP) to ensure the information gets to its destination. So, when two people communicate by email, TCP groups their message into a series of data packets that are identified by unique sequence numbers. These packets are then transmitted, received, and reassembled into the original message. The sequence numbers can be useful to attackers. However, with about 4 billion possible sequences, it’s impossible to identify the sequence number associated with any particular communication by pure chance.

But the researchers at the University of California who led the study didn’t rely on chance: they found a subtle flaw in the Linux software that enables attackers to infer the TCP sequence numbers associated with a particular connection, given only the IP addresses of the communicating parties.

What does this mean? Given any two random machines on the Internet, a remote blind attacker can track users’ online activity, cancel their connections with others, and add false material to their communications. Additionally, this weakness could allow hackers to degrade the privacy of anonymity networks (e.g., Tor) by forcing connections to route through certain relays. Even worse, the attack is fast and reliable: it often takes less than a minute and has a success rate of about 90 percent.

The Linux developers have been alerted and are working on fixing this weakness.

Published by cwlee20

Active high school student attending Bergen Catholic High School.
