Flaw found in common network security tech

ANN ARBOR, Mich., May 21 (UPI) -- A popular technology used to provide security on cellular networks can unwittingly help a hacker break into Facebook and Twitter accounts, U.S. researchers say.

Researchers at the University of Michigan said the technology, known as network firewall middleboxes, is meant to block data that doesn't appear to be part of the flow of information traffic on the network.


Of the nearly 150 networks computer science Professor Z. Morley Mao and doctoral student Zhiyun Qian tested worldwide, 32 percent used the middlebox technology, the university reported Monday.

An attacker could use the middleboxes to hijack an Internet connection, the researchers said.

Middleboxes monitor the "sequence numbers" of data packets being sent to mobile devices.

For example, when a smartphone user takes a photo and shares it with a friend, the researchers said, the photo is broken down into numerous packets before it's sent across the network.

The friend's smartphone looks to the sequence numbers to put the picture back together.

Middleboxes could help hackers use the process of elimination to home in on a number in the right range, as the middlebox can unwittingly let a hacker know when he's identified a sequence number that will allow a packet through.


Armed with a valid sequence number, the hacker could spoof Facebook or Twitter's Web log-in page and gain the user's passwords, the researchers said.

"Firewall middleboxes are supposed to protect against this kind of attack, but it turns out they do the opposite," Qian said. "Most vendors and carriers that deploy such firewall middleboxes still believe they are safe and we want them to be aware of this design flaw."
