Assume for a moment that I've used this DNS exploit to take control of your email account. The most obvious effect is that I can now read your mail. Also, I can read your mail and continue forwarding it to you, so that you never realize there is a problem. I can add attachments to your messages, or infect existing attachments from people you trust with viruses or malware. When your best friend sends a link to you about that funny video on YouTube, well, I can rewrite that link to go anywhere I want.
Yes, folks, the DNS bug is for real and potentially serious. Here's a bit of information on it.
And here's the video from the man himself:
More like this
Remember the earlier discussion of the DNS bug? If the internet is the post office, the DNS is the collection of all of the addresses on all of the envelopes traveling around the system. It is secure, inherently.
This is a tip for selecting the fastest DNS server.
href="http://www.opendns.com/">OpenDNS already has
fans at ScienceBlogs (
href="http://scienceblogs.com/pharyngula/2007/08/turkish_ass_shuts_down_a_slice.php">1
This seems very odd. The Internet -- including web sites and
email -- has been found to have a very serious security flaw.
Civilized places such as Sweden and Puerto Rico are already
fixing the problem. There are plans to improve security for
Somehow, annoyingly, the DNS for freethoughtblogs got redirected to the bad old server, Bluehost, and all you see when you go there is a dead static page. Ed Brayton is scrambling to figure who screwed up what where and get it fixed as soon as possible.
Here's the site of the discoverer of the little buggy. He's a little app (DNS checker) that let's you test if you've any reason to panic or not. ^-^
Me stupid, me forgot to include linky:
http://www.doxpara.com/?p=1162
Thanks Greg, for making us all even more paranoid and nervous than we already is :-((
What's really sad is that the NTIA, by consistently delaying, for purely political reasons, to sign on to DNSSEC is, in effect, putting the whole Internet at risk via this bug. Good article on it today in Wired - http://blog.wired.com/27bstroke6/2008/08/experts-accuse.html
Not that this is failsafe by any stretch but using something like Opendns.org can help with some DNS issues. I've got it installed on my home server to test it out and so far seems pretty seamless fast. I'll probably set up our DNS servers at work to use it as well provided I don't find any issues with it.