BIND update?
Chris Palmer
chris at noncombatant.org
Thu Jul 10 05:21:54 UTC 2008
Jason Stone wrote:
> So you say, "But I don't send important information over that
> connection, nor do I trust the information I get back?" Maybe. I think
> that the AOL data leak fiasco proved that, while people don't generally
> think of search queries as sensitive, they really kind of are. And you
> almost certainly place _some_ trust in the results you get back; I mean,
> you're not reading them purely as fiction.
I validate such unauthenticated information at the human layer. Have to --
even when nobody has tampered with DNS, BGP, or HTTP, the stuff at
nytimes.com and wikipedia.org is still often false.
> So, if your DNS resolver is vulnerable to cache poisoning, then every
> time you casually surf the web, you're allowing for the possibility that
> you will get spoofed, surf to some malware site, get served a browser
> exploit, and get 0wned.
That is already true, and is true regardless of the "security" of the DNS.
Think hard on why this is possible:
http://ex-parrot.com/~pete/upside-down-ternet.html
:)
Similarly, why does YouTube disappear whenever Pervez Musharraf gets cranky?
> I agree that DNSSEC is the real solution.
It won't, and can't, solve *any* of the problems you cited. Any attacker
that can mangle my DNS traffic (and cache poisoning is hardly the only way
to do that) can also just read and alter *any* non-secure-by-design
plaintext network traffic.
> I also think that making it easy (or even possible) to sandbox the
> browsers is a real solution. I think that using strong crypto everywhere
> and making fine-grained capabilities and MAC systems ubiquitous is also a
> real solution.
Okay, I know when I'm being trolled. :) I'll stop posting now. It's bed time
anyway.
More information about the freebsd-security mailing list