You can all breathe a little more easily tonight. The internet is safe again.
During a presentation at the wonderfully named Black Hat Conference in Las Legas, a gathering of security professionals, Dan Kaminsky outlined the flaw in the design of Domain Name System that could allow the unscrupulous to hijack well known domain names – google, for example, or amazon – and redirect users to a website which could download malware or phish for credit card or other sensitive information.
Kaminsky attracted widespread criticism when he went public with the existence of the flaw some weeks ago, encouraging sysadmins to apply a patch developed in secret by several major corporations, but without releasing details of the problem so that others could judge if the fix was really necessary.
Upgrading the entire internet takes time, and Kaminsky refused to release the full details to give ISPs and hosting companies a change to get the patch in place before it could be exploited.
The consensus, now that details have been released, it that the secrecy was necessary, and that most major websites have been secured.
If you want to check if your ISP is secured, visit www.doxpara.com and click on ‘Check my DNS’.