“Today’s security software is ineffective against an emerging networking technology already in use by Apple for its Siri voice-recognition software, according to research presented at the Black Hat hacking conference this week,” Jeremy Kirk reports for IDG News Service.
“The technology, called Multipath TCP (MPTCP), is a souped-up sibling of TCP, a cornerstone Internet protocol for transferring data packets between computers. Cisco and Juniper have also put MPTCP in some of their equipment,” Kirk reports. “But while TCP can only use one connection path to send data, MPTCP can simultaneously use different connection paths, such as Wi-Fi and a mobile phone’s data connection, which results in better performance and resiliency.”
“MPTCP is still in its early days, and the Internet Engineering Task Force, which creates Internet technology standards, is still studying it. But because MPTCP is already backwards-compatible with TCP, it works, and Apple uses it for Siri,” Kirk reports. “The problem is that splitting data steams over different connection paths poses thorny issues for security technologies such as firewalls and deep packet inspection software, which are designed for regular TCP, said Catherine Pearce, a security consultant with Neohapsis.”
Much more in the full article here.
[Thanks to MacDailyNews Reader “James W.” for the heads up.]