My blog has moved!

You should be automatically redirected to the new home page in 60 seconds. If not, please visit
http://gerrycanavan.com
and be sure to update your bookmarks. Sorry about the inconvenience.

Tuesday, December 02, 2008

When DNS was created in 1983, it was designed to be helpful and trusting—it's directory assistance, after all. It was a time before hacker conventions and Internet banking. Plus, there were only a few hundred servers to keep track of. Today, the humble protocol stores the location of a billion Web addresses and routes every piece of Internet traffic in the world.

Security specialists have been revamping and strengthening DNS for more than two decades. But buried beneath all this tinkering, Kaminsky had just discovered a vestige of that original helpful and trusting program. He was now face-to-face with the behemoth's almost childlike core, and it was perfectly content to accept any information he wanted to supply about the location of the Fortune 500 company's servers.

...

But who was he kidding? He was just some guy. The problem had been coded into Internet architecture in 1983. It was 2008. Somebody must have fixed it by now. He typed a quick series of commands and pressed enter. When he tried to access the Fortune 500 company's Web site, he was redirected to an address he himself had specified.

"Oh shit," he mumbled. "I just broke the Internet."


More at MeFi, where Kaminsky himself shows up to explain the story further.