Kaminsky Reveals Information About DNS Bug
source: http://www.tech2.com/india/news/antivirus-security-internet/kaminsky-reveals-information-abo...
-
-
- CaptSutter
- added this
At the ongoing Blackhat conference in Las Vegas, Dan Kaminsky revealed some concrete info on the infamous DNS bug that he uncovered some time ago.
According to the information received, the bug is the worst that has been uncovered in over a decade. Apart from the DNS Cache poisoning that was initially revealed the bug could also be used to attack VPNs, SSL certification, automatic software update systems, spam filters and VOIP systems. The reason that this bug is so dangerous is that it affects DNS. DNS as it is widely known is the heart of the internet, as it is central for any kind of internet activity.
To resolve this issue to a large extent, Kaminsky worked with nearly 80 major vendors and software companies. Though the bug was initially discovered last month, Kaminsky rightfully held off discussing the bug openly and making a full disclosure as is the accepted industry practice.
This was a good move as the chaos that could have ensued with a bug this big cannot be envisioned. In the time since his initial announcement, virtually every major OS and software developer has issued patches to fix their products.
According to the information received, the bug is the worst that has been uncovered in over a decade. Apart from the DNS Cache poisoning that was initially revealed the bug could also be used to attack VPNs, SSL certification, automatic software update systems, spam filters and VOIP systems. The reason that this bug is so dangerous is that it affects DNS. DNS as it is widely known is the heart of the internet, as it is central for any kind of internet activity.
To resolve this issue to a large extent, Kaminsky worked with nearly 80 major vendors and software companies. Though the bug was initially discovered last month, Kaminsky rightfully held off discussing the bug openly and making a full disclosure as is the accepted industry practice.
This was a good move as the chaos that could have ensued with a bug this big cannot be envisioned. In the time since his initial announcement, virtually every major OS and software developer has issued patches to fix their products.
-
- tags:
- Internet, Hacking, dns, Dan Kaminski
