Slashdot Mirror

← Back to Stories (view on slashdot.org)

DNS Inventor Tackles Flaw

Posted by ScuttleMonkey on from the always-evolving dept.

nk497 writes "Dr Paul Mockapetris is looking to fix the flaws in the Domain Name System he helped invent. 'It was never meant to be the only security mechanism for naming data on the internet, but was intended for additional security measures to be added to it later.' The flaws, first uncovered by security researcher Dan Kaminsky over the summer, lets attackers redirect genuine URLs to malicious ones — a problem Mockapetris believes could be solved using digital signatures."

7 of 101 comments (clear)

  1. Re:Law is only way by mmell · · Score: 2, Informative

    That's right - let the Governments of the world fix the internet by legislation; after all, we all know how well the government understands the tubes of the intarweb. Perhaps Al Gore could be tapped to spearhead this incredibly important piece of legislation.

  2. Hm, that and DNSsec sucks ass by Nicolas+MONNET · · Score: 3, Informative

    Look at the history of DNSsec; the specs have been done and redone several times over, there is no consensus, and it looks like it would be a bitch to admin.

  3. Re:We'll add security later by Hal_Porter · · Score: 5, Informative

    Not really. Back when DNS was invented (1982) pretty much everything connected to the Internet was essentially a trusted machine. Arguably that was almost true until the Morris worm in 1988. Of course you could never truly trust them, but the idea was that if someone did something silly other people would phone them and then they would stop. Essentially it was an anarchy populated by non malicious people.

    --
    echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  4. Re:Law is only way by zippthorne · · Score: 2, Informative

    It's trying to, but something is protecting the bankers.

    --
    Can you be Even More Awesome?!
  5. Re:Law is only way by megamerican · · Score: 2, Informative

    The free market can not exist in environments where the government gives special monopolies to a few companies. The only real competition in this market is for these companies to protect their monopolies.

    John D. Rockefeller said, "Competition is a sin."

    A great muckraking book on this topic is Confessions of a Monopolist, written in 1903.

    This kind of thing has been going on ever since the Supreme Court brazenly declared that a corporation has the same rights as a natural person.

    --
    If you have something that you dont want anyone to know, maybe you shouldnt be doing it in the first place -Eric Schmidt
  6. Re:Wow by gomiam · · Score: 2, Informative

    A town? I think Gutenberg was a person.

  7. Re:DNSsec by Russ+Nelson · · Score: 2, Informative

    It's not a question of DJB being too lazy to implement BIND zonefiles. It's more a question that BIND zonefiles must die because they're astoundingly difficult to parse, and even if they weren't, they're prone to user edit failures. Ever forgotten a dot at the end of a name? I haven't -- not since switching to djbdns.

    --
    Don't piss off The Angry Economist