4 Million Computers Hacked

Discussion in 'Current Events' started by eljanitor, Nov 9, 2011.

  1. eljanitor macrumors 6502

    eljanitor

    Joined:
    Feb 10, 2011
    #1
  2. gnasher729, Nov 10, 2011
    Last edited: Nov 10, 2011

    gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
    #2
    Actually, the report is complete nonsense. None of these computers were hacked. It was DNS servers outside that were hacked.

    When you type in for example "www.apple.com" in Safari, Safari will ask your ISP's DNS server "where is www.apple.com", the DNS server will tell it, and then Safari sens any request to Apple's server. In this case someone managed to hack the DNS server. So when Safari asked "where is www.apple.com" it was told the location of the hackers' server.

    That is why you only ever type in sensitive information when your connection is using https. In that case, Safari will ask the server on the other side for a certificate that proves that it is actually www.apple.com. The hackers can redirect Safari to another server, but they cannot forge that certificate.

    And the "websites of institutions like iTunes, Amazon, and the IRS" were not hacked. In the scenario above, Safari never, ever talked to iTunes, or Amazon, and so on. It only talked to the hackers' server.
     

Share This Page