The internet is broken.
Or at least, there’s a gaping big hole in its security.
Security researcher Dan Kaminsky spotted the flaw in the foundations of the internet, the DNS (Domain Name Server) system several months ago, then worked in secret until a patch could be prepared.
However, Kaminsky and others who were briefed then stayed quiet about the flaw after the patch was released simultaneously by several vendors.
This would allow time for ISPs to apply the patch, he argued.
Meantime, Kaminsky asked others not to speculate about what the bug might be, in case the bad guys were able to figure it out.
But now the cat is out of the bag.
First, reverse engineering specialist Halver Flack speculated on his blog about how the DNS bug might work.
Then one of the security specialists briefed by Kaminsky let slip that Flack had indeed hit the nail on the head.
The blog was quickly pulled, but unfortunately, the internet doesn’t work like that.
The Great and Powerful Google sees all, and remembers all. Now the hack is out there, cached by Google for anyone who cares to look.
So are you sure you’re really reading this at faduda.net?