


RADIUS Server Now Severely Compromised

Newsgroups comp.os.linux.misc, alt.security, alt.survival
From "186282@ud0s4.net" <186283@ud0s4.net>
Subject RADIUS Server Now Severely Compromised
Organization vector apex
Date 2024-08-21 03:54 -0400
Message-ID <dNycnVJYc4HPAFj7nZ2dnZfqnPSdnZ2d@earthlink.com> (permalink)

Cross-posted to 3 groups.



https://techxplore.com/news/2024-08-scientists-vulnerabilities-popular-protocol.html


A widely used security protocol that dates back to the days
of dial-up internet has vulnerabilities that could expose
large numbers of networked devices to an attack and allow
an attacker to gain control of traffic on an organization's
network.

A research team led by University of California San Diego
computer scientists investigated the Remote Authentication
Dial-In User Service (RADIUS) protocol and found a vulnerability
they call Blast-RADIUS that has been present for decades.
RADIUS, designed in 1991, allows networked devices such as
routers, switches or mobile roaming gear to use a remote
server to validate login or other credentials.

The root of this vulnerability stems from the fact RADIUS
was developed before proper cryptographic protocol design
was well understood, the authors say. It uses an authentication
check based on an ad hoc and insecure construction based on
the MD5 hash function, which has been known to be broken
for two decades.

However, the RADIUS protocol was not updated when MD5 was
broken in 2004, the authors note. Before their work, the
maintainers of the protocol standards defining RADIUS
thought that the MD5-based construction used in RADIUS
was still secure.

. . .

   HOW many orgs/banks/etc STILL use this ???

   Apparently quite a LOT - or we'd have not seen
   this article ....

   Anything these days needs to be triple-tough.
   Russia/China/NK state-funded perps spend LOTS
   of time looking for weaknesses and backdoors.
   Huge damage can be done in a VERY short period.

   We LIKE to think our online-whatever apps are
   reasonably secure. Really, NOT true.

   Whatever protocols/tricks they are always one
   step behind the little hacks. 'Security' is
   mostly REACTIVE, not proactive.

   The reasons are partially based in willful
   ignorance - but mostly in ECONOMICS. Changing
   things, esp in Big Institutions, is just plain
   hyper-EXPENSIVE and prone to BIG EXPENSIVE
   PROBLEMS in the transition period.

   So, 'security' is gonna ALWAYS be Behind The
   Curve. NOT good. NOT Real. Just corporate/govt
   BULLSHIT designed to dupe the masses.

   Sorry folks, but we're essentially ALREADY in
   an all-out Cyber-War with hostile govts. This
   can do HUGE damage across a WIDE spectrum, all
   at the push of a North Korean button.

   Russia/China WILL use NK ... 'plausible
   deniability' and nobody can DO much with NK ...

   Fixes ? Yes, they exist - but, again, the $$$
   and Customer Confidence issues .......

   So ... we're gonna get SCREWED, BADLY, OVER
   AND OVER AND OVER until all 'confidence'
   totally crashes and we're back to the dark
   ages.

   How many piglets for how many turnips ?

   No, I'm not trying to be funny.

   At the very least, does your bank/broker/etc
   actually KNOW YOUR FACE ? RECOGNIZE you and
   the kinds of biz you do ??? Know your voice,
   your history, yer relatives and such ??? For
   anybody past the Boomers the answer becomes
   increasingly "NO !". A wire-transfer from a
   NK address with some arab-accent 'conf' ...
   FINE With Them - they really don't/can't
   know better ............
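The MD5 construction the quoted article refers to, as an added example that is not part of the post or the article: a client-side check of a RADIUS response that computes the RFC 2865 Response Authenticator (a bare MD5 over the packet plus shared secret) and also requires the HMAC-MD5 Message-Authenticator attribute from RFC 3579, which is the check deployments are advised to enforce against Blast-RADIUS. The function names, shared secret, and packets are constructed for illustration.

```python
import hashlib, hmac, struct

MSG_AUTH = 80  # Message-Authenticator attribute type (RFC 3579)

def parse_attrs(data):
    """Yield (type, value_offset, value) for each attribute TLV in data."""
    i = 0
    while i < len(data):
        if i + 2 > len(data) or data[i + 1] < 2 or i + data[i + 1] > len(data):
            raise ValueError("malformed attribute")
        yield data[i], i + 2, data[i + 2:i + data[i + 1]]
        i += data[i + 1]

def check_response(pkt, request_auth, secret):
    """Return (response_auth_ok, msg_auth_ok) for a RADIUS response packet."""
    length = struct.unpack("!H", pkt[2:4])[0] if len(pkt) >= 20 else 0
    if length < 20 or length > len(pkt):
        raise ValueError("bad packet length")
    pkt, attrs = pkt[:length], pkt[20:length]
    # RFC 2865: MD5(Code | ID | Length | RequestAuth | Attributes | Secret)
    expect = hashlib.md5(pkt[:4] + request_auth + attrs + secret).digest()
    resp_ok = hmac.compare_digest(expect, pkt[4:20])
    msg_ok = False
    for atype, off, val in parse_attrs(attrs):
        if atype == MSG_AUTH and len(val) == 16:
            # RFC 3579: HMAC-MD5 keyed with the secret, attribute value zeroed
            zeroed = attrs[:off] + bytes(16) + attrs[off + 16:]
            mac = hmac.new(secret, pkt[:4] + request_auth + zeroed, hashlib.md5)
            msg_ok = hmac.compare_digest(mac.digest(), val)
            break
    return resp_ok, msg_ok

def accept_response(pkt, request_auth, secret):
    """Policy: a valid Response Authenticator alone is not sufficient."""
    return all(check_response(pkt, request_auth, secret))

def build_response(code, ident, request_auth, secret, attrs, with_msg_auth):
    """Constructed helper that plays the server side for the samples below."""
    if with_msg_auth:
        attrs = bytes([MSG_AUTH, 18]) + bytes(16) + attrs
    hdr = struct.pack("!BBH", code, ident, 20 + len(attrs))
    if with_msg_auth:
        mac = hmac.new(secret, hdr + request_auth + attrs, hashlib.md5).digest()
        attrs = attrs[:2] + mac + attrs[18:]
    return hdr + hashlib.md5(hdr + request_auth + attrs + secret).digest() + attrs

# Constructed sample values: Access-Accept (code 2) carrying Reply-Message "ok"
SECRET, REQ_AUTH = b"constructed-secret", bytes(range(16))
LEGACY = build_response(2, 7, REQ_AUTH, SECRET, b"\x12\x04ok", False)
HARDENED = build_response(2, 7, REQ_AUTH, SECRET, b"\x12\x04ok", True)
```

`accept_response` rejects `LEGACY` even though its MD5 Response Authenticator verifies, and accepts `HARDENED`, which carries a valid Message-Authenticator.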
