Net address bug worse than feared

Source: BBC

By Maggie Shiels
Technology reporter, BBC News, Silicon Valley

A recently found flaw in the internet's addressing system is worse than first feared, says the man who found it.

Dan Kaminsky made his comments when speaking publicly for the first time about his discovery at the Black Hat conference in Las Vegas.

He said fixes for the flaw in the net's Domain Name System (DNS) had focused on web browsers but it could be abused by hackers in many other ways.

"Every network is at risk," he said. "That's what this flaw has shown."


Read more: http://news.bbc.co.uk/2/hi/technology/7546557.stm

---

Not everyone agrees as to the significance of this bug; dissenting views are included in the article.

This problem was fixed by the major Internet players more than a month ago.

patch the DNS flaw. (July 31)

Apple finally ships DNS flaw fix, patches 16 other Mac OS X holes
http://blogs.zdnet.com:80/security/?p=1618


DNS Flaw Threatens Mac OS X Servers, Apple Does Nothing
http://www.palluxo.com:80/2008/07/30/dns-flaw-threatens-mac-os-x-servers-apple-does-nothing/


Apple’s DNS Cache Poisoning Patch Leaves Users at Risk
http://www.palluxo.com/2008/08/02/apple-dns-cache-poisoning-patch-leaves-users-at-risk/

And Steve Jobs' crap doesn't smell like shit. :P

:evilgrin:

Over 100 bug fixes baked into Apple's Mac OS X 10.5.5 Update

http://www.appleinsider.com/articles/08/08/07/over_100_bug_fixes_baked_into_apples_mac_os_x_10_5_5_update.html

Quick, someone tell these Mac snobs their computing appliance has flaws!!!

OMFG!!!!

Every network admin that is halfway clued into what their job description is has already mitigated the issue. Then there are going to be the incompetent ones that leave their users flapping in the wind, but that's just par for the course no matter what the profession.

The problem is summed up by the Verisign guy in the article, and it is never going away: "The biggest gap in security rests between the keyboard and the back of the chair," he said.