Kaminsky Bug Options Include "Do Nothing," Says IETF

netbuzz writes "Meeting in Minneapolis this week, the Internet engineering community is debating whether to aggressively fashion and apply fixes for the so-called Kaminsky bug in the DNS discovered this summer, or to simply let its threat stand as motivation for all to move with greater speed toward DNSSEC, which is considered the best long-term security solution. Problem with the latter approach is that DNSSEC has been in the works for a decade already, no one is confident it will be universally embraced, and the Kaminsky flaw is causing real problems today.

DNS

TMBG37 GOES TO THE MARKET
        -or-
DNS for fucking idiots.
(NONE LIKE IT HOT!)
 
1. TMBG37 tries to go to www.dildomall.com with his browsar.
        a. His local machine checks if he's been there recently
          and if it remembers the IP address.
        b. Let's assume (big assumption people), that TMBG37
          hasn't been buying any rubbery cocks of late (ha!),
          his computar connects to its local nameserver.
                --> HELO MISTAR NAMESERVAR
                <-- Oh fuck it's you :(
                --> WHERE DO I BUY DILDOES?
                <-- Shit kid I don't even want involved with that.
                --> GIVE ME ADDRESS FOR www.dildomall.com!!!!!
                <-- Fuck you. But fine, its nameserver is
                    ns1.bunghole.org, which is 69.69.69.69.
                --> THANK YOU SIR
        c. His computer goes on to pester ns1.bunghole.org, via
          its IP address, which it got from the local nameserver.
                --> OMG R U ns1.bunghole.org?
                <-- Oh christ, I've heard about you :(
                --> OMG PLZ WHAT IS www.dildomall.com !!!!?
                <-- Leave me alone.
                --> PLXX?????
                <-- It's 37.37.37.37
                --> OMG HHLUAHGLAUHGALUHGUH *SUCKING DICK*
2. TMBG37 goes on to happily penetrate his anus with a dildo
  bought from www.dildomall.com, with the IP address 37.37.37.37.
  There are HTTP/1.1 issues involved here if it is using virtual
  hosting, but that's NEITHER HERE NOR THERE.

Re:DNS

[pleappleappleap]

To know recursion, you must first know recursion.

Re:DNS

[superdave80]

Consider my mind officially blown.

Re:DNS

[Spazmania]

You keep that up, I might just blow my stack.

Re:DNS

I've looked up www.dildomall.com and it's 216.8.179.24, you insensitive clod!

DNS to slashdot has been hacked ....

[cullenfluffyjennings]

and I am reading the wrong site. The aliens can return the real slashdot now. Surely IETF would never choose to "Do Nothing" :-)

How many legs does the Kaminsky bug have?

[pandrijeczko]

If it's eight, then it's probably that perishing missing space station spider!

In which case, you go get the vacuum cleaner and I'll stand here shaking in the corner emitting arachnophobic screams...

Re:How many legs does the Kaminsky bug have?

[cstdenis]

It's a space station. You don't need a vacuum cleaner. Just open a window.

Re:How many legs does the Kaminsky bug have?

[scrib]

If it's eight, then it's probably that missing space station spider!
I'll stand here shaking in the corner emitting arachnophobic screams...

I'm sorry, I can't hear you scream...

Re:How many legs does the Kaminsky bug have?

[lgw]

It's a space station. You don't need a vacuum cleaner. Just open a window.

No way! That would make a vacuum dirtier!

Re:sounds familiar

[jacquesm]

*whoosh*...

You really should have your humor circuits checked you know ?

YHBT

Re:Minneapolis?

[Al+Dimond]

I don't know much about this sort of thing, but I bet it's relatively cheap to book in cold-weather cities in the winter.

As a side benefit, it annoys Californians. Win all around.

Re:sounds familiar

[mellon]

Trust me, there's very little need for Trojans at a typical IETF meeting.