Assume for a moment that I've used this DNS exploit to take control of your email account. The most obvious effect is that I can now read your mail. Also, I can read your mail and continue forwarding it to you, so that you never realize there is a problem. I can add attachments to your messages, or infect existing attachments from people you trust with viruses or malware. When your best friend sends a link to you about that funny video on YouTube, well, I can rewrite that link to go anywhere I want.
Yes, folks, the DNS bug is for real and potentially serious. Here's a bit of information on it.
And here's the video from the man himself:
- Log in to post comments
More like this
There is quite a lot of chatter around the intertubes about changes in the communication environment that happened between the last and this election and how those changes may be affecting the way the new White House communicates to people as well as how the new White House will receive…
Well, it's been about three weeks since I signed up for a personal account on twitter (you can follow me here if you're interested - my handle is @dnghub), and threw out my first "tweet."
Since then, I've found myself fully immersed in the web tool, and feel like I can say a few intelligent…
You know about Atheists Talk because I mention it now and then. I've done several interviews on the radio show. of sciency people like Neil deGrasse Tyson and Ira Flatow, and most recently George Church. I've also been interviewed on it. And I've done the TV now and then as well.
Here's the…
I'm going to intermittently keep track of the comments I make on other blogs. I'll spare you the totally trivial ones, but I don't guarantee this to be especially interesting. One point of doing this will be to track the ones that "disappear" on various sites (no names for now) that I've found don'…
Here's the site of the discoverer of the little buggy. He's a little app (DNS checker) that let's you test if you've any reason to panic or not. ^-^
Me stupid, me forgot to include linky:
http://www.doxpara.com/?p=1162
Thanks Greg, for making us all even more paranoid and nervous than we already is :-((
What's really sad is that the NTIA, by consistently delaying, for purely political reasons, to sign on to DNSSEC is, in effect, putting the whole Internet at risk via this bug. Good article on it today in Wired - http://blog.wired.com/27bstroke6/2008/08/experts-accuse.html
Not that this is failsafe by any stretch but using something like Opendns.org can help with some DNS issues. I've got it installed on my home server to test it out and so far seems pretty seamless fast. I'll probably set up our DNS servers at work to use it as well provided I don't find any issues with it.