CHINA TOPIX

12/22/2024 11:47:46 pm

Make CT Your Homepage

Bash Bug Could Leak Data From Connected Devices

Internet security

(Photo : Reuters)

A security team from Red Hat discovered new vulnerabilities in Linux's Bash shell that could potentially cause an unintentional sharing of information with devices connected to it.

The Bash shell is one of the most widely used and versatile utilities in Linux.

When accessed properly, the Bash bug, also nicknamed Shellshock, lets a hacker's code to be run the moment the shell is invoked, leaving the system vulnerable to a wide variety of attacks. Patching every instance may be difficult for since the bug has been present in Linux for a long time.

Like Us on Facebook

Reports suggest that Shellshock also affects OS X, tech giant Apple's operating system for its computers. While Apple has yet to provide a legitimate solution, information on how Mac users can look for the vulnerability and fix it once detected can be seen on Stack Exchange.

Cloud service providers such as Amazon Web Services are currently giving instructions to consumers on how to solve the problem. Vendors that distribute Linux such as Canonical, Fedora and Red hat have been offering patches to install on Linux devices.

But the bug's most direct effect will be among devices on the Internet of things, smart gadgets and appliances that need remote access, according to VentureBeat's Jordan Novet.

Security expert Troy Hunt said in an interview that the Bash bug can let people with technical knowledge access the devices and retrieve constant data caches in response.

"Certainly Internet-connected stuff is going to be the immediate vulnerability," Hunt said, adding that devices running versions of Bash that haven't been updated in years could be at risk.

Robert David Graham from Errata Security has compared Bash to the Heartbleed security bug discovered in April, since they both have wide and potential long-term effects on the security of computers.

Real Time Analytics