Please create an account to participate in the Slashdot moderation system


Forgot your password?

Submission + - Mac, BSD prone to decade old attacks 7

BSDer writes: An Israeli security researcher published a paper few hours ago, detailing attacks against Mac, OpenBSD and other BSD-style operating systems. The attacks, says Amit Klein from Trusteer enable DNS cache poisoning, IP level traffic analysis, host detection, O/S fingerprinting and in some cases even TCP blind data injection. The irony is that OpenBSD boasted their protection mechanism against those exact attacks when a similar attack against the BIND DNS server was disclosed by the same researcher mid 2007. It seems now that OpenBSD may need to revisit their code and their statements. According to the researcher, another affected party, Apple, refused to commit to any fix timelines. It would be interesting to see their reaction now that this paper is public.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Mac, BSD prone to decade old attacks

Comments Filter:
  • This is nice research and a well-written summary, why is slashdot not picking this up...
    • by AHuxley ( 892839 )
      Nobody wants to help the admin in the Usama cave.
      He only has to look after dialysis and the Macs.
      With every click of Software Update his security through obscurity gets stronger.
    • Maybe because OpenBSD is saying that the exploit is not viable in a real environment?
      • Re: (Score:3, Insightful)

        by ThisNukes4u ( 752508 ) *
        1. Since when has that ever stopped slashdot from posting a story.
        2. ALWAYS take whatever a vendor has to say about the security of their product with a grain of salt(in the case of openbsd, which stakes its reputation almost 100% on its security, maybe two grains).
        • Or maybe you could realize that they really have nothing to gain from bullshitting about the security of OpenBSD.

          Let's be real these guys aren't getting rich off of OpenBSD, and they certainly know a lot about security.
          • Certainly they're not getting rich, but you have to ask yourself why all the other affected OSes have fixed the problem, or in the case of OS X, planning a fix. Meanwhile, OpenBSD stubbornly refuses to acknowledge the bug, even though they obviously are aware of the theoretical attack given their responses in the past and the fact that they were the first to implement countermeasures for this sort of attack in 1997. This is not a rip on OpenBSD, its a great project that I have used in the past, but I think
  • Too bad. I wish they [OpenBSD] would focus less on holding their reputation, and more on fixing the problem.

    I guess we'll have to break into their main web server and change something, then they'll listen.

I THINK MAN INVENTED THE CAR by instinct. -- Jack Handley, The New Mexican, 1988.