Reflections on Brilliant Digital: Single Points of 0wnership
nweaver writes "Some reflection on Brilliant Digital's plans shows that they have inadvertently created a Single Point of 0wnership: a single machine or small group of machines which, if successfully attacked, can be used to gain effective control of the Internet. The implications are rather scary: Even if you never touched KaZaA, your systems may be affected if someone manages to attack Brilliant Digital's update service. Who needs a Warhol Worm?". Updated by HeUnique: use these instructions to remove the Brilliant part.
From the article the other day on root DNS servers.
Story
For the "internet" to be greatly affected multiple root servers must be brought down.
"The DNS is built so that eight or more of the world's 13 master root servers would have to fail before ordinary Internet users started to see slowdowns, according to John Crain, manager of technical operations for the Internet Corporation for Assigned Names and Numbers (ICANN)."
If I were only smart enough to accomplish the things I dream about.. Or maybe too dumb to care.
No, see, Windows Update has security signatures on all of its packages. Plus, you are discounting that the auto-update feature is only available on Windows ME and XP, and even so, it doesn't automatically install updates unless you explicitly set it to. That really narrows down the population. Don't forget all the corporate users who are subject to Windows Update corporate edition, where the admin decides which updates to install.
On the other hand, how many people are running Kazaa in comparison (on Win95, for example)? A lot more. What is worrisome is the corporate user running Kazaa behind an improperly set firewall. If he is on a large pipe, that can spell trouble. Imagine that problem multiplied by the number of users running Kazaa. Can you say "imagine a Beowulf cluster of DoS zombies?"