World Bulletin / News Desk
A hacking expert has launched a $200 password-cracking tool that makes it easy to decipher Internet traffic sent through a widely used method for securing businesses communications.
Moxie Marlinspike, one of the world's top encryption experts, unveiled the tool on Saturday during a presentation at the Def Con hacking conference in Las Vegas.
Marlinspike said he developed the service, CloudCracker.com, by taking advantage of a vulnerability he discovered in a widely used virtual private network technology known as point-to-point tunneling protocol.
Virtual private networks, or VPNs, scramble traffic as it travels between a PC and its final destination so that the data is useless to hackers if they eavesdrop on those communications.
But Marlinspike provides clients with a tool that analyzes captured data streams and creates a data file that they upload to his website. He then runs that through code-cracking computer programs that figure out a password that will unscramble the protected communications. He delivers that to clients within 24 hours.
With access to web traffic, hackers could potentially steal passwords to financial accounts, read business emails and learn business secrets.
Marlinspike said he will not screen clients to determine whether they are using CloudCracker for illegal purposes, although his ultimate intent is help computer users by pressuring operating systems makers to make their software safer.
"What we're trying to do is force people to use more secure VPN technology in the products they are building," he said.
Marlinspike said that small to mid-sized businesses and consumers typically use VPN software with the point-to-point tunneling protocol.
Large corporations typically supply their employees with VPN software from Cisco Systems Inc, whose communications cannot be cracked by CloudCracker.com, he said.
Marlinspike has worked for Twitter since the end of last year when the mobile blogging service acquired a company he co-founded, Whisper Systems. Marlinspike said that CloudCracker.com was a personal project and has nothing to do with Twitter.
Hackers and security experts present research on a wide range of vulnerabilities in products ranging from computers and networking equipment to locks, drones and air-traffic control systems at the annual Def Con gathering.
They often publicize their work in an effort to warn the public about security risks and pressure manufacturers to address the problems.
NASA officials had planned to crash the spacecraft into the moon, after it transmitted its final batch of data.
The discovery is the closest scientists have come so far to finding a true Earth twin
An ambitious project in Turkey's south could see a pioneering clean energy project.
Depending on local weather conditions, the eclipse was visible across a swath of the United States
Google and Facebook have been competing in innovative ways to increase internet access globally and tap into previously untouched markets.
A 14-year-old Dutch girl who sent a terror threat to American Airlines as a Twitter “joke” has been arrested by police in Rotterdam
The legal action is the first to emerge from a humiliating episode for Microsoft, which the software company has never fully explained and has accounted for only as a "technical error."
The widespread bug surfaced late on Monday, when it was disclosed that a pernicious flaw in a widely used Web encryption program known as OpenSSL opened hundreds of thousands of websites to data theft.
For some, increased connectivity has allowed them to see social network and sharing websites like Youtube and Facebook for the first time.
The suspects exploited the fact that some users had the same pin number or password for both credit cards and the loyalty card to create fake cards and charge items earlier this year
The radar is part of a safety system that ensures a failed rocket will not threatened populated areas.
The World's latest solar energy technologies with innovative products produced in Turkey will be showcased at the fair.
Kaspersky Lab uncovered evidence that a few hacking groups believed to be involved in state-sponsored cyber espionage were running such scans shortly after news of the bug first surfaced
Facebook did not specify how many ads will now appear in the right-hand column, though a sample image on the blog showed a single ad in the right-hand column
StoreDot's device charged a dead Samsung S4 smartphone battery in 26 seconds during a demonstration of the product.