World Bulletin / News Desk
A hacking expert has launched a $200 password-cracking tool that makes it easy to decipher Internet traffic sent through a widely used method for securing businesses communications.
Moxie Marlinspike, one of the world's top encryption experts, unveiled the tool on Saturday during a presentation at the Def Con hacking conference in Las Vegas.
Marlinspike said he developed the service, CloudCracker.com, by taking advantage of a vulnerability he discovered in a widely used virtual private network technology known as point-to-point tunneling protocol.
Virtual private networks, or VPNs, scramble traffic as it travels between a PC and its final destination so that the data is useless to hackers if they eavesdrop on those communications.
But Marlinspike provides clients with a tool that analyzes captured data streams and creates a data file that they upload to his website. He then runs that through code-cracking computer programs that figure out a password that will unscramble the protected communications. He delivers that to clients within 24 hours.
With access to web traffic, hackers could potentially steal passwords to financial accounts, read business emails and learn business secrets.
Marlinspike said he will not screen clients to determine whether they are using CloudCracker for illegal purposes, although his ultimate intent is help computer users by pressuring operating systems makers to make their software safer.
"What we're trying to do is force people to use more secure VPN technology in the products they are building," he said.
Marlinspike said that small to mid-sized businesses and consumers typically use VPN software with the point-to-point tunneling protocol.
Large corporations typically supply their employees with VPN software from Cisco Systems Inc, whose communications cannot be cracked by CloudCracker.com, he said.
Marlinspike has worked for Twitter since the end of last year when the mobile blogging service acquired a company he co-founded, Whisper Systems. Marlinspike said that CloudCracker.com was a personal project and has nothing to do with Twitter.
Hackers and security experts present research on a wide range of vulnerabilities in products ranging from computers and networking equipment to locks, drones and air-traffic control systems at the annual Def Con gathering.
They often publicize their work in an effort to warn the public about security risks and pressure manufacturers to address the problems.
The system is said to be able to suck in air from a 300-metre radius and from up to seven kilometres (over four miles) upwards.
Would create new distribution, content creation giant, if approved by regulators
Waves of cyberattacks disrupt services for many East Coast US Internet users
Critics slam company after claims it allowed NSA to scan all users’ emails
Shenzhou-11 to take 2 astronauts into space, dock with orbiting space lab Tiangong-2 within 2 days
A German politician has said Facebook should pay for failing to remove online hate comment
For the first time in over 120 years, a design patent case will be heard by the US supreme court.
Toyota is usually associated with cars, but it has been investing millions in robotics and Kirobo is its first commercial foray into the sector.
A joint Mongolian-Japanese expedition found the giant print, which measures 106 centimetres (42 inches) long and 77 centimetres wide.
Current conditions may ‘commit Earth to an eventual total warming of 5 degrees Celsius’ in few thousand years, author says
Cyber-attack in 2014 likely the largest data breach in history
Photographs, videos, polls, quoted tweets no longer count toward 140-character limit
2.5 million phones recalled days before Apple introduces iPhone 7
Mark Zuckerberg has vowed to continue effort to provide satellite for Africa
3.7-billion-year-old rock suggests life began soon after Earth’s formation
Facebook will target advertising to Whatsapp users but will steer clear of third party advertising content