(CBS SF) — The hackers behind the HeartBleed security issue that compromised millions of passwords and affected an estimated two-thirds of « secure » websites around the world could be brought down by a simple and quaint-sounding trick being engineered at the University of Texas at Dallas — a special type of « honey pot. »
Computer security researchers there had been developing a technique called « Red Herring » the automatically creates decoy servers on a company’s servers themselves — so hackers who exploit a vulnerability think they’ve gained confidential secure information, but instead, they’re attracted to a sweet, sticky « honey pot » that is monitoring what they do, analyzing their actions, and tracking them down.
Heartbleed became public on April 8th, and the team deployed the Red Herring system 2:30 a.m. the next day.
“When Heartbleed came out, this was the perfect test of our prototype,” UT Dallas Cyber Security Research and Education Institute (CSI)…
View original post 213 mots de plus