Assume for a moment that I've used this DNS exploit to take control of your email account. The most obvious effect is that I can now read your mail. Also, I can read your mail and continue forwarding it to you, so that you never realize there is a problem. I can add attachments to your messages, or infect existing attachments from people you trust with viruses or malware. When your best friend sends a link to you about that funny video on YouTube, well, I can rewrite that link to go anywhere I want.
Yes, folks, the DNS bug is for real and potentially serious. Here's a bit of information on it.
And here's the video from the man himself:
- Log in to post comments
More like this
There is quite a lot of chatter around the intertubes about changes in the communication environment that happened between the last and this election and how those changes may be affecting the way the new White House communicates to people as well as how the new White House will receive…
Because of my stands against dubious medical "therapies" and outright quackery and for science- and evidence-based medicine, I have been the frequent target of what I've come to call the "pharma shill gambit." It's a pretty stupid and common ad hominem attack in which the attacker, virtually always…
Well, it's been about three weeks since I signed up for a personal account on twitter (you can follow me here if you're interested - my handle is @dnghub), and threw out my first "tweet."
Since then, I've found myself fully immersed in the web tool, and feel like I can say a few intelligent…
About a year ago, a month before our wedding, I was walking with my wife (wife-to-be, I guess) and some friends through New York City. It was a hot, sunny summer day, so she was in a sun dress.
We walked through parks, we met various friends throughout the city, and generally had a good time.
That…
Here's the site of the discoverer of the little buggy. He's a little app (DNS checker) that let's you test if you've any reason to panic or not. ^-^
Me stupid, me forgot to include linky:
http://www.doxpara.com/?p=1162
Thanks Greg, for making us all even more paranoid and nervous than we already is :-((
What's really sad is that the NTIA, by consistently delaying, for purely political reasons, to sign on to DNSSEC is, in effect, putting the whole Internet at risk via this bug. Good article on it today in Wired - http://blog.wired.com/27bstroke6/2008/08/experts-accuse.html
Not that this is failsafe by any stretch but using something like Opendns.org can help with some DNS issues. I've got it installed on my home server to test it out and so far seems pretty seamless fast. I'll probably set up our DNS servers at work to use it as well provided I don't find any issues with it.