Kaminsky On DNS Bugs a Year Later and DNSSEC

L3sPau1 writes "Network security researcher Dan Kaminsky has had a year to reflect on the impact of the cache poisoning vulnerability he discovered in the Domain Name System. In the time since, Kaminsky has become an advocate for improving security in DNS, and ultimately, trust on the Internet. One way to do this is with the widespread use of DNSSEC (DNS Security Extensions), which essentially brings PKI to website requests. In this interview, Kaminsky talks about how the implementation of DNSSEC would enable greater security and trust on the Net and provide a platform for the development of new security products and services."

Re:new security products and services? great.

[gandhi_2]

Nothing is better than generating fear to reduce the rights of your citizens.

Sincerely,
Both Political Parties.

Re:new security products and services? great.

[headhot]

The Kaminisky bug is real, and its being used out in the wild. This is not a hypothetical academic exercise. DNS needs to be secured. Its not fear mongering, and its not for profit.

Many of these security consultants you speak of are not consultants at all, but experts working on this stuff in their free time for the betterment of the internet.

You just think that way because you haven't been..

[brunes69]

.. hit yet.

Security is a tricky thing. You say security people sell you things "you don't need". But if you wait until you NEED security, it is already too late because you have a breach.

Security is not an ER visit, it is a regular preventative exam with your physician. It is something you have to take a pro-active approach with. Yes, this oten means investing time and money in something that has no immediate ROI. But that is the nature of the problem you are dealing with.

Re:new security products and services? great.

[headhot]

This is not how the kraminisky bug works. You can intercept and redirect traffic with a properly formed DNS label to a legitimate site.