Sunday, August 10, 2008

Latest DNS Patch Also Flawed

The patch for the recent DNS cache-poisoning exploit is itself flawed, according to this New York Times story. Technical details are on the blog of researcher Evgeniy Polyakov, a Russian physicist.

But I think The New York Times got it right down toward the middle of the article in saying that the fundamental problem with DNS is that it wasn't built for identifying people, only machines. It was built 17 years ago, when the Internet was a kinder, gentler place where everybody knew each other. This was long before it became the home of infinite users engaging in high-risk activities like online banking.

The article cited security experts who said many of these issues would be resolved with better identity and authentication on the Internet.


