DNS Flaw Unfixed as Experts Argue Protocol

Speculation continues as to what the ultimate systemic Domain Name System (DNS) flaw could be. This flaw apparently allows Web surfers to be spoofed, directing them to fake Web sites to gain passwords and load malware on their computers.

The flaw was first revealed by Dan Kaminsky, a researcher at security firm IOActive Inc., although Kaminsky largely withheld the technical details of the exploit.

In a Friday morning press conference, Kaminsky said that many of the patches released by various IT vendors and security firms reacting to his bug discovery (reported by CNet News.com) are at best temporary fixes to a more pervasive problem. Kaminsky added that he would be disclosing further findings at the Black Hat security conference in Las Vegas next month.

http://redmondmag.com/news/article.asp?EditorialsID=10069

Leave a Reply