|
|
|
Disturbing Trends
political comment in our turning world
|
|
| |
Thursday, July 10, 2008
Security researchers are criticizing hacker Dan Kaminsky for keeping quiet about technical details of a critical DNS flaw. Yes, but if he did publish and most of the world's DNS suppliers were unable to work out what was wrong, the way DNS works, would mean damage in the trillions of dollars. Some toleration of the occasional fraud of publicity seeking sensationalists is a small price to pay when faced with the potential loss of value from their web facing businesses, in fact instant degradation of their brand; business therefore takes a more pragmatic stance on computer viruses accepting any old story as important. Is this one important? Well if it is, then the only harm will come from unpatched DNS's of which there may still be many in between routes. Of all the doors to leave unlocked, DNS? Only the one that could cripple things. When you think of the 2048 bit encryption that is normal practice for any technical access to the internet, why the DNS keys are on a cheaply calculated 16 bit value is enough to make me fret with fear. If Dan Kaminsky has fixed that, well he had done humanity a massive favour, is that not already clearly an issue? Anyway, an exploit method is subject to the author's copyright and just because the "hacker community" have an open source exposure requiring proof of concept, creating a sort of hacker no go territory, is not protecting the rest of us who are subject to upgrade whims of mega corporations, changing rules littered with retroactive agreements and unread clauses. The hacker community may amuse themselves but their value to the real world is their magic code. Publication of all exploits. Then at least it would be lame, if for example some terrorist used it to compromise the security of the system that protected the house the hacker lives in, but anarchy has its rewards, and risks.
read more | digg story
12:46 AM
|
|
| |
|
|
|
