Technology Rivals Unite to Thwart Web Hijack Risk

Technology giants have united to fix a serious flaw in the Internet addressing system that might let hackers hijack Web traffic.

The big software and hardware makers worked in secret for months to create a software patch which has now been released to repair the glitch.

The flaw, discovered by accident, would allow criminals to redirect users to fake Web pages, even if they typed the correct address into a browser.

• Click here to visit's Cybersecurity Center.

Dan Kaminsky, a security researcher at IOActive, stumbled upon the vulnerability in the domain name system (DNS) about six months ago and contacted industry giants including Microsoft, Sun Microsystems and Cisco to collaborate on a solution.

DNS is the Internet's equivalent of a telephone exchange, linking the Web address typed by a user with the Web site's unique numerical address.

"It's a fundamental issue with how the entire addressing scheme of the Internet works," Rich Mogul, an analyst at Securosis based in Phoenix, said in a conference call. "You'd have the Internet, but it wouldn't be the Internet you expect. [Hackers] would control everything."

• Click here to read the rest of this story in the Times of London.