Kaminsky's DNS Attack Disclosed, Then Pulled

An anonymous reader writes "Reverse engineering expert Halver Flake has recently mused on Dan Kaminsky's DNS vulnerability. Apparently his musings were close enough to the mark to cause one of the Matasano team, who apparently already knew of the attack, to publish the details on the Matasano blog in a post entitled 'Reliable DNS Forgery in 2008.' The blog post has since been pulled, but evidence of it exists on Google and elsewhere. It appears only a matter of time now before the full details leak." Reader Time out contributes a link to coverage on ZDNet as well.

wow

only a handful of posts. i bet if this was about some faggot comic book shit it would be ten times as many. you know why? because the vast majority of slashfags are just a bunch of wannabes. they don't know shit unless it's in a fag comic book or a dungeons and dragons guide. fucking shitfucks. it's disgusting. homos are bitch queers who need their asses kicked.

Re:The push for DNSSec

tip: some girls are "lesbian" to turn on guys. The others are fat, ugly, or look like men.

Re:The push for DNSSec

[afidel]

Are you saying there are STILL ISP's not doing egress filtering?!?!? That was known to be necessary back in the early-mid 90's. The fact that someone stupid enough to not do it today is allowed to peer is mind boggling.

Re:The push for DNSSec

[TheLink]

"also have the usual problems with crypto, i.e. establishing a "web of trust" (it's all very well if records under google.com are signed, but how do you know they're signed by Google?)."

Oh, I'm sure it'll require certs being signed by some CA.

Some CA that we can "trust" (to do the wrong thing). Go see what the CA companies really do. See who they are linked to, and who gets the $$$.

This DNSSec thing is such a great solution huh?

Re:The push for DNSSec

[p3on]

HEY GUSY IM A GIRL LOOK