At the Defcon hacker conference this week, two researchers demonstrated a technique for downloading malcode onto a computer during an update process – showing that it could be possible to compromise machines on public WiFi networks.
Itzik Kotler and Tomer Bitton said they know of about 100 popular applications that are vulnerable.
The two also released a tool that shows which machines on a network are vulnerable when they check for new updates over the Web. The tool, which they call Ippon (a Japanese word for “one full point” used in the martial arts world), can send customized messages to potential victims stating that there is an updated available for one of his applications even if it has the most recent real update. An attacker can then download malicious code.
Kotler and Bitton said digital signatures are the answer to this vulnerability. Microsoft software is not vulnerable to the process since it does use them in its updates.
Those conscious of security are already wary of making sensitive transactions on public networks since it is possible to monitor network traffic with sniffers.
This is reason #2 to be careful when you’re trying to work in an airport waiting area or having that double-plus-extra-high-octane mocha latte and playing on your laptop in a coffee shop.
Story here.
Tom Kelchner