Critical flaw in the internet that you don’t need to worry about.


Sometimes people wonder what it is that I do here all day (and sometimes night) long. Sometimes nobody cares but I feel like sharing anyhow. Lately I’ve been patching servers and shoring up our inter and intranet security. You see…

A while back, internet security researchers discovered a problem with the interwebs.  In the words of Dan Kaminsky, the fellow who found the problem:

“So there’s a bug in DNS, the name-to-address mapping system at the core of most Internet services. DNS goes bad, every website goes bad, and every email goes…somewhere. Not where it was supposed to.”

In secret they worked in collaboration with EVERY major internet software and hardware vendor, e.g. Microsoft, Cisco, Yahoo. All these programmers got together and designed a most elegant solution AND were able to release the patches to systems administrators BEFORE the “baddies”, the hackers, got a chance to do anything nefarious.

Today was the “deadline” arbitrarily determined as the point at which the evil netizens would have probably figured this out and started to do bad things.  And by today ALL major internet players have seeded fixes to their users (People’s was all patched up on Monday).

For me, the moral of this story is “cooperation works!” Thanks to the colossal collaborative efforts of many internet superheroes, the information superhighway is moderately safer than it could have been 😉 And kids, when you go home today, make sure you download the latest software update for your operating system.

So no need to fret, and let’s hear it for the internet!

Posted on August 7, 2008 in geek, tech


  1. joelbrock
    August 7, 2008 at 4:18 am ·

    BTW. The video shows the vulnerability to this attack on servers around the world.

    Red — Unpatched
    Yellow — Patched, but the NAT is screwing things up
    Green — OK

  2. joelbrock
    August 9, 2008 at 7:43 am ·

    Now that the exploit has been released:

    “John Markoff of the NYTimes writes about a Russian hacker, Evgeniy Polyakov, who has successfully poisoned the latest, patched BIND with randomized ports. Originally, the randomized ports were never supposed to completely solve the problem, but just make it harder to do. It was thought that with port randomization, it would take roughly a week to get a hit. Using his own exploit code, two desktop computers and a GigE link, Polyakov reduced the time to 10 hours.”

    –from Slashdot.
