Google, Roku, Sonos To Fix DNS Rebinding Attack Vector

The developer teams from Google Home, Roku TV, and Sonos, are preparing security patches to prevent DNS rebinding attacks on their devices. From a report: Roku has already started deploying updates, while Google and Sonos are expected to deploy patches next month. DNS rebinding is not a new attack vector by any stretch of the imagination. Researchers have known about it since 2007 when it was first detailed in a Stanford research paper. The purpose of a DNS rebinding attack is to make a device bind to a malicious DNS server and then make the device access unintended domains.

Re:Browser solution

[SirAstral]

NO NO NO NO NO NO NO NO NO!!!!!

Don't even DARE to come up with the idea that browsers should be performing these functions. The browser needs to do only one thing... trust the DNS server that gave it data because the USER or Admins configured it... OTHER more suitable tools (like inline network devices/services) should be doing this security. It is NOT just about what will or will not break with this, it is also about the thought of Google, Microsoft, Firefox, and Opera deciding what is good or bad DNS and then also dealing with false positives and bugs that is going to definitely come with attempting this. Not only that but this kind of functionality will now be tested on browsers and become included in their "security profiles".

It's just a terrible terrible idea, like putting a governor in every car connected to GPS to make sure it NEVER goes over the speed limit.

Hackers would waste NO TIME in compromising this garbage in a browser and system would become even less secure just having it in them NOT MORE secure.

I cannot expound on how terrible the idea you just had is!