Security Researcher Kaminsky Pushes DNS Patching

BobB-nw writes "Dan Kaminsky, who for years was ambivalent about securing DNS, has become an ardent supporter of DNS Security Extensions. Speaking at the Black Hat DC 2009 conference Thursday, the prominent security researcher told the audience that the lack of DNS security not only makes the Internet vulnerable, but is also crippling the scalability of important security technologies. 'DNS is pretty much our only way to scale systems across organizational boundaries, and because it is insecure it's infecting everything else that uses' DNS, the fundamental Internet protocol that provides an IP address for a given domain name, said Kaminsky, director of penetration testing at IOActive. 'The only group that has actually avoided DNS because it's insecure are security technologies, and therefore those technologies aren't scaling.'"

Who is Dan Kaminsky

[phantomfive]

In case anyone was wondering who Dan Kaminsky is, besides being the one who discovered the recent DNS vulnerability, he also did research regarding the Sony rootkit. His picture is available online, and he looks like a regular decent guy, for whatever that's worth. He's written some sort of port scanner called scanrand, and started a company called Doxpara Research.

Re:Who is Dan Kaminsky

[gavron]

I think you're confusing Dan with Mark Russinovich -- they guy who discovered the Sony rootkit.

http://blogs.technet.com/markrussinovich/archive/2005/10/31/sony-rootkits-and-digital-rights-management-gone-too-far.aspx

E