New Terrapin Attack Threatens SSH Protocol Security: What You Need to Know

Researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) protocol, known as the "Terrapin Attack." This attack allows an attacker to downgrade the security of an SSH connection by manipulating the sequence numbers during the handshake process. The attack can be used to remove encrypted packets from the beginning of an SSH session without detection, potentially leading to unauthorized access or data tampering. The vulnerability affects many SSH client and server implementations, including popular ones like OpenSSH, PuTTY, and KiTTY. The researchers recommend two changes to the SSH specification to address the issues: resetting sequence numbers to zero when encryption keys are activated and authenticating a hash of the full handshake transcript at the start of the secure channel.

Related reads

Popular posts from this blog

Apple's Next Gen iPad Lineup: M3 MacBook Air and Refined iPad Pros on the Way?

Apple is planning to release new iPad Pro and iPad Air models in March 2024, featuring improved displays, processors, and designs. The iPad Pro will come in two sizes with an OLED display, while the iPad Air will have a new 10.9-inch and 12.9-inch option with an M2 chip. Apple is also expected to release a new Magic Keyboard specifically designed for the iPad Pro, and discontinue older models. Additionally, the company may update its MacBook Air lineup with new M3 chips and discontinue older models. Related reads 5 Apple products I'll definitely buy in 2024 The Apple iPad Air will get an M2 chip when it launches next year Apple could launch two new iPad Airs and two iPad Pros next year Apple may release M3 MacBook Air in March and refine its iPad lineup with new iPad Pro and iPad Air - Engadget
Read more

Intel Unveils Arrow Lake Gaming CPUs with AI Accelerators, Lunar Lake Brings Huge IPC Uplifts

Intel is releasing two new CPUs, Arrow Lake and Lunar Lake, in the second half of 2024. Arrow Lake is focused on gaming and includes an AI accelerator, while Lunar Lake offers significant IPC improvements and three times more AI performance on both the GPU and NPU than Meteor Lake. The Lunar Lake chip has one large die and two accompanying structures that appear to be on-package DRAM. Intel is already in the final stages of developing these processors and showed a brief glimpse of the Lunar Lake chip at CES 2024. Additionally, Intel introduced new desktop processors, including the Raptor Lake refresh for thin and light devices. Related reads CES 2024: Intel Briefly Shows Lunar Lake Chip; Next-Gen Mobile CPU Uses On-Package Memory - AnandTech Intel's Arrow Lake and Lunar Lake CPUs will arrive in 2024 - three times more AI performance for both GPU and NPU Intel Arrow Lake Gaming CPUs With AI Accelerators Coming This Fall, Next-Gen Lunar Lake Brings Significant IPC Over 3X NPU Uplif...
Read more

MediaTek Optimizes Chips for Next-Gen Gemini Nano Devices

MediaTek has partnered with Google to optimize its Dimensity 9300 and 8300 chipsets for Gemini Nano, a lightweight language model (LLM). This collaboration aims to make AI more accessible on more smartphones, starting with mid-range devices. The optimized Gemini Nano will enable on-device AI features, providing seamless performance, greater privacy, better security, lower latency, and lower operating costs. While flagship devices already benefit from Google's mobile-optimized LLM, this collaboration will make it easier for developers and OEMs to integrate Gemini Nano into their apps, making AI features more widespread. Related reads MediaTek announces Dimensity 9300 and 8300 chips are now optimized for Google Gemini Nano MediaTek optimizes Dimensity chips for Gemini Nano - Android Central Gemini Nano Is Helping With On-Device AI Features On Mid-Range Devices
Read more