A Look At the Safety of Google Public DNS

Posted by kdawson on Friday December 4, 2009 @04:35AM from the random-enough-maybe dept.

darthcamaro writes "Yesterday we discussed Google's launch of its new Public DNS service. Now Metasploit founder and CSO at Rapid7, H D Moore, investigates how well-protected Google's service is against the Kaminsky DNS flaw. Moore has put together a mapping of Google's source port distribution on the Public DNS service. In his view, it looks like the source ports are sufficiently random, even though they are limited to a small range of ports. The InternetNews report on Moore's research concludes: 'What Moore's preliminary research clearly demonstrates to me is that Google really does need to live up to its promise here. Unlike a regular ISP, Google will be subject to more scrutiny (and research) than other DNS providers.'"

1 of 213 comments (clear)

Min score:

Reason:

Sort:

Re:Privacy for what? by maxume · 2009-12-04 04:53 · Score: 5, Informative

Their public statements say that they are not linking the requests to other Google services, and that they are discarding ip addresses within a day or two.

--
Nerd rage is the funniest rage.