tag:blogger.com,1999:blog-37798047.post7021591642780903291..comments2024-01-16T05:48:33.523-05:00Comments on Errata Security: The DNS is fallingDavid Maynorhttp://www.blogger.com/profile/09921229607193067441noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-37798047.post-55795490298164013502008-08-09T18:53:00.000-04:002008-08-09T18:53:00.000-04:00Bad News,Although Dan did a private disclosure to ...Bad News,<BR/>Although Dan did a private disclosure to the companies and had it patched without external review of the bug/vulnerability, there are still big problems. Because of the lack of peer review of potential patches to DNS servers, a exploit has been found of the patch by a Russian Physicist. You can read more here: <BR/><BR/>Editor Of:<BR/>www.secureyourselfonline.comGillis57https://www.blogger.com/profile/13118371179701680669noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-52351362984924448152008-07-27T23:41:00.000-04:002008-07-27T23:41:00.000-04:00Well put. I find that the hype machine has out-do...Well put. I find that the hype machine has out-done itself on this one, not to say that Dan's find and coordination of industry isn't impressive.<BR/> What's interesting as well is the age of this type of vulnerability, and the fact that years after we've gone far down the rabbit-hole of fixing complex security issues, DNS is still as vulnerable, and as simple as it was when the Internet was used by little more than enthusiasts and computer nerds.<BR/> I can't help like we're missing the forest for the trees here... the bigger-picture issue isn't that DNS is vulnerable to this attack, it's that we've completely been asleep at the wheel chasing more "sexy" solutions to Web 2.0 problems when Web 0.1Beta issues are still just as nasty, or worse. A compromise in the underpinnings of the Internet is unconscionable... and the fact that it's out there in 2008 is a black-eye to Internet engineers/security alike.Rafal Loshttps://www.blogger.com/profile/18106347834259269413noreply@blogger.com