GnuTLS Bug Leaves Linux Users Vulnerable To Hacks
A variety of Linux distributions are vulnerable to hacks because of a bug that allows people to bypass security protocols to intercept and disseminate encrypted information. A member of the Red Hat security team discovered a bug in the GnuTLS library that allows hackers to easily circumvent the Transport Layer Security (TLS) and secure sockets layer (SSL).
The vulnerability affects the certificate verification, meaning secure connections that are supposedly going through as secure, are not. Someone could compromise a secure connection by using a “man-in-the-middle” attack, acting as the server to intercept traffic, financial transactions or secure information.
Apple suffered its own flaw last week when researchers discovered a critical security vulnerability that allowed hackers to spoof servers and intercept supposedly secure data from Apple’s servers. In terms of numbers of users affected, the GnuTLS flaw is considerably smaller than Apple's bug, which affected iOS and Mac devices alike, but patching the GnuTLS vulnerability for all Linux users will be harder.