DNS Bug: It is still there.


Assume for a moment that I’ve used this DNS exploit to take control of your email account. The most obvious effect is that I can now read your mail. Also, I can read your mail and continue forwarding it to you, so that you never realize there is a problem. I can add attachments to your messages, or infect existing attachments from people you trust with viruses or malware. When your best friend sends a link to you about that funny video on YouTube, well, I can rewrite that link to go anywhere I want.

Yes, folks, the DNS bug is for real and potentially serious. Here’s a bit of information on it.

And here’s the video from the man himself:


  1. #1 student_b
    August 15, 2008

    Here’s the site of the discoverer of the little buggy. He’s a little app (DNS checker) that let’s you test if you’ve any reason to panic or not. ^-^

  2. #2 student_b
    August 15, 2008

    Me stupid, me forgot to include linky:


  3. #3 Arj
    August 15, 2008

    Thanks Greg, for making us all even more paranoid and nervous than we already is :-((

  4. #4 Doug Alder
    August 16, 2008

    What’s really sad is that the NTIA, by consistently delaying, for purely political reasons, to sign on to DNSSEC is, in effect, putting the whole Internet at risk via this bug. Good article on it today in Wired – http://blog.wired.com/27bstroke6/2008/08/experts-accuse.html

  5. #5 Rev. BigDumbChimp, KoT
    August 18, 2008

    Not that this is failsafe by any stretch but using something like Opendns.org can help with some DNS issues. I’ve got it installed on my home server to test it out and so far seems pretty seamless fast. I’ll probably set up our DNS servers at work to use it as well provided I don’t find any issues with it.