Ken Silva, chief technology officer at Verisign, said: "We have anticipated these flaws in DNS for many years and we have basically engineered around them."
He believed there had been "some hype" around how the DNS flaw will affect consumers. He added that while it was an interesting way to exploit DNS on weak servers, there were other ways to misdirect people that remained.
Here we should point out that Verisign are the pig-fuckers who stopped returning NXDOMAIN for .com in favour of their own search page and should never be trusted to say anything sensible about DNS.
"It's been overplayed in a sense. I think it has served to confuse the consumer into believing there is somehow now a way to misdirect them to a wrong site.
Well, Mr Silva, it IS a way to misdirect them to a wrong site.
As far as I can tell, the $900k comes from having to employ actual network administrators instead of a bunch of faeces-flinging monkeys.
Re:Business value and risk on The Pragmatic CSO · Score: 2, Interesting
That's the problem. Return On Investment asks you to arrive at a figure by multiplying a bunch of numbers YOU DON'T KNOW TO START WITH:
"Most textbooks will tell you to compute the expected return on investment, by working out the annual cost of not doing X ( annual probability of occurrence times average loss if something bad happens ) minus the cost of not doing X. If you save money by implementing a safeguard, do it.
The problem is that you don't know any of these numbers very well at all, but you're pretty sure that putting an Intrusion Detection System in will be good for the company..."
My solution is to err on the side of caution, and remember that when the possible loss exceeds the value of your company, you should be taking ALL reasonable safeguards. That and appealing to "best practice" helps.
1. Priuses are just fine - given that you can get cars with 1.0L and 1.2L petrol engines that do OK on the motorway, how could it be worse?
2. Nuclear is great for base load - typical demand may make large jumps on top of that. Witness the peak in demand when 5 million people switch on the kettle in the ad break after Coronation St.
Nukes are necessary, but they will never be able to do everything, just like solar, wind and hydro can't do everything.
Google does corporate email accounts - http://www.google.com/a/help/intl/en/index.html . I'm kind of hoping the OP meant one of those.
No, it's like writing a google search to find passwords that *are already on the Internet*. E.g. 'intitle:"Index of" passwd passwd.bak'
( See GDHB : "Files containing passwords (135 entries) PASSWORDS, for the LOVE OF GOD!!! Google found PASSWORDS!" )
Couldn't even stand undergraduate differential equations :p
Relativistic physics "quite difficult" claims Stephen Hawking.
Rocket Science "harder than you might think" says NASA chief.
Nuff said.
Is that a 70-200m lens in your pocket, or are you just pleased to see me?
If by 'evolve', you mean 'markedly increase your risk of bowel cancer', then yes.
Dug Song wrote dsniff in 2000 - it's not news that you can see passwords go past on switched ethernet.
Condoms cut the chances of contracting AIDS by >99% and - this is the important bit - DO NOT INVOLVE REMOVING THE END OF MY PENIS
(Don't worry, I used to think that Singapore was 'quite close' to New Zealand. Actually it's 10 hours flying time.)
Programmer-Archaeologist.
Belgium doesn't exist! Please stop perpetuating the leftist agenda!
I modded this down, but I should reply instead. Google "NHS sued over" and learn.
(NHS is government-run healthcare in the UK for those of you who think civilisation stops at Texas.)
I figured the TCO would be less than buying from AT&T, and less small print.
You're Allowed.
And wedding parties. Got to bomb those too. http://www.guardian.co.uk/world/2002/jul/03/afghanistan.lukeharding
Ah. They didn't give me OEM disks, and I'm tempted to just erase it and leave it...
So, SunOS is, like, 3 better.
What the hell? I'm typing this on Ubuntu which dual-boots quite happily with Vista SP1.
As far as I'm concerned, the vast majority of the parliamentary Labour Party can go suck a tailpipe.
Pissing on your core values is *not* a good election strategy.
"Most textbooks will tell you to compute the expected return on investment, by working out the annual cost of not doing X ( annual probability of occurrence times average loss if something bad happens ) minus the cost of not doing X. If you save money by implementing a safeguard, do it.
The problem is that you don't know any of these numbers very well at all, but you're pretty sure that putting an Intrusion Detection System in will be good for the company..."
-- http://www.systemstates.net/wordpress/return-on-investment/
My solution is to err on the side of caution, and remember that when the possible loss exceeds the value of your company, you should be taking ALL reasonable safeguards. That and appealing to "best practice" helps.
Mods with no sense of humour. *sigh*