Saturday, April 1, 2017

SSL: Security gaps demonstrated in TLS protocols

At the information security conference "Black Hat 2017", the researcher Delignat-Lavaud presented solutions to partially known security gaps in TLS protocols. He is a member of the Prosecco research group at the French Institute for Computer Science and Automation (INRIA), which examines the security of services such as Facebook, Dropbox, LinkedIn, Bing, Twitter, PayPal, and even the NSA, and proposes solutions.




TLS protocols, better known under the name SSL encryption, encrypt data transmission on the Internet, in particular that of sensitive files. But they can be hacked. Delignat-Lavaud uses two example attacks on TLS protocols to present new strategies for defending against such attacks.


First, the "cookie clutter" attack was presented. By deliberately transmitting a duplicate cookie, the attacker can cause the user to be forwarded to a page the attacker controls. Although most browsers have already taken countermeasures, Delignat-Lavaud has found a further gap. His proposed solution: contrary to the usual practice ("Be liberal in what you accept, be conservative in what you send"), input should no longer be accepted so generously. In his opinion, it would be better to return an error when data is incorrect or incomplete.
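The contrast between liberal and strict acceptance, as an added example that is not from the talk or the original post: a lenient HTTP header parser next to one that raises an error on incorrect or incomplete input. The function names and the sample bytes are constructed for illustration.

```python
import re

# Header-name characters allowed by RFC 7230 ("token").
TOKEN = re.compile(rb"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")

# Constructed sample: a complete header block, and the same block cut off in transit.
COMPLETE = b"Set-Cookie: sid=abc123; Secure; HttpOnly\r\nContent-Length: 0\r\n\r\n"
CUT_OFF = COMPLETE[:22]  # b"Set-Cookie: sid=abc123"


class MalformedHeaders(ValueError):
    """Raised instead of guessing what a damaged header block meant."""


def parse_lenient(raw: bytes) -> dict:
    # "Liberal" behaviour: take whatever arrived and skip what does not parse.
    headers = {}
    for line in raw.replace(b"\r\n", b"\n").split(b"\n"):
        name, sep, value = line.partition(b":")
        if sep:
            headers[name.strip().lower().decode("latin-1")] = value.strip().decode("latin-1")
    return headers


def parse_strict(raw: bytes) -> dict:
    # Incomplete data: the block must end with the empty line (CRLF CRLF).
    if not raw.endswith(b"\r\n\r\n"):
        raise MalformedHeaders("header block not terminated, input is incomplete")
    headers = {}
    for line in raw[:-4].split(b"\r\n"):
        name, sep, value = line.partition(b":")
        # Incorrect data: missing colon, illegal name characters, bare CR or LF.
        if not sep or not TOKEN.match(name):
            raise MalformedHeaders(f"bad header line: {line!r}")
        if b"\r" in value or b"\n" in value:
            raise MalformedHeaders(f"bare CR/LF in value: {line!r}")
        headers[name.lower().decode("ascii")] = value.strip().decode("latin-1")
    return headers


if __name__ == "__main__":
    # The lenient parser silently accepts the cut-off cookie without its attributes.
    print("lenient:", parse_lenient(CUT_OFF))
    try:
        parse_strict(CUT_OFF)
    except MalformedHeaders as err:
        print("strict: rejected,", err)
    print("strict:", parse_strict(COMPLETE))
```

The lenient parser returns a cookie that has lost its `Secure` and `HttpOnly` attributes without any sign that something went wrong; the strict parser refuses the same bytes.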


He comes to a similar conclusion in the second attack experiment, "Virtual Host Confusion". Delignat-Lavaud managed to take over other users' accounts under an unknown hostname. While the attack was carried out against Dropbox, the same vulnerabilities could also be exploited with other content delivery networks such as Akamai. This is particularly devastating because Akamai provides sites like LinkedIn, Twitter, PayPal, Bing, Apple, and even the NSA with certificates. Furthermore, a modified variant of the attack could also be transferred to Google's security protocol SPDY.


The problems in the security protocols and in the safety precautions are nothing new. According to Delignat-Lavaud, this shows that security problems have so far been handled laxly. golem.de presumes that further attacks of this kind will follow as long as the gaps are not closed.
