Several industry giants and Internet security firms have been quietly collaborating to roll out an Internet-wide system of patches to block a hole in the Internet’s DNS system, which allows for DNS cache poisoning. DNS, which stands for Domain Name System, translates domain names to the actual number-based address on the Internet at which the computer for that domain resides, allowing computers to find each other, such as to visit a website.
DNS cache poisoning allows a hacker to change the data so that when your computer uses DNS to determine where the domain you want to visit is hosted, your computer is told to go to the wrong place (where an exact copy of the website you want to visit is waiting).
For example, if you want to visit a website at example.com, your computer should be told to go to the computer at IP address 1.1.1.1, but with DNS cache poisoning, instead your computer will be told to go to 2.2.2.2, where the hacker’s machine is waiting – with that exact copy of the website you wanted to visit – so that while the hacker is doing all sorts of evil things like sucking down all of your passwords and installing viruses on your computer – you’ll be none the wiser.
The DNS cache poisoning DNS vulnerability was discovered a few months ago, and companies such as Microsoft, Sun, and Cisco have been quietly but steadily working with security experts to create a fix that could be applied system-wide. That fix was released yesterday, the culmination of a first-ever industry effort which saw the leading providers of every leading computer platform involved – this was necessary because DNS is used by every computer attached to the Internet, and so every one of those computers, regardless of make or platform, has the potential to become a victim of the DNS vulnerability. As a result, explained CERT (the U.S. Computer Emergency Readiness Team), “web traffic, email, and other important network data can be redirected to systems under the attacker’s control.”
The flaw was discovered by security researcher Dan Kaminsky, who contacted the companies and fellow security researchers – his efforts culminated in the collaboration, which started with meetings hosted by Microsoft in Redmond in March.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
“I found it completely by accident .I was looking at something that had nothing to do with security. This one issue affected not just Microsoft and Cisco, but everybody,” said Kaminsky, adding that “A lot of people really stepped up and showed how collaboration can protect customers.”
Explained Jeff Moss, founder of the Black Hat computer securit conference, “We are seeing a massive multi-vendor patch for the entire addressing scheme for the internet – the kind of a flaw that would let someone trying to go to Google.com be directed to wherever an attacker wanted.”
Most personal computers will receive the fix and can be protected simply by going through the automatic update process (Microsoft, for example, released the fix for Windows computers through their automatic update process yesterday).
Said Kaminsky, “People should be concerned but they should not be panicking. We have bought you as much time as possible to test and apply the patch. Something of this scale has not happened before.”
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
Some people aren’t so happy about how long it took to implement this fix: