The security company Guardent trumpeted the discovery of a glitch in the Transmission Control Protocol (TCP) that bad guys could exploit to do bad things. With few exceptions, the media rehashed Guardent's press release and talked to its executives; few outlets checked with outside security experts.
Guardent did a careful half-disclosure of its claimed discovery of a way to predict the supposedly random sequence numbers of TCP sessions. A cracker who could do this reliably could hijack, corrupt or shut down any conversation between two devices on the Net. The security company did not release details of its claimed exploit, saying it would disclose them only to companies that signed non-disclosure agreements.
Guardent's press release, and most of the news coverage of it, failed to mention that this vulnerability has been known since at least 1986, or that in 1996 AT&T wrote a document for the Internet Engineering Task Force explaining how to overcome it, or that many modern operating systems have implemented AT&T's suggestions. Guardent's release claimed that no past exploits of the vulnerability were known, and the press echoed this claim. In fact, uber-hacker Kevin Mitnick used this very technique in his battle against security expert Tsutomu Shimomura.
EWeek's Dennis Fisher turned in a well-rounded report for ZDNet. He noted the history of the vulnerability and quoted an independent security consultant's comment that the problem is "as old as the hills."
Every tech reporter has access to geek hangouts such as Slashdot. While these forums won't supply reporters with authoritative information, they will point out non-obvious wrinkles that reporters ought to follow up by talking to their favorite security sources. Has Guardent found a truly new problem, or was it simply garnering publicity by pressing the button labeled "security flaw"? Today's coverage won't give readers much help in deciding.
Researchers Identify Serious Flaw in TCP
Flaw Uncovered in TCP
Software Flaw May Pose Risk for Net User
TCP Security Flaw Found
Security Hole in TCP
Guardent Security Advisory A0303122001: TCP Sequence Number Vulnerability