User: Password:
Subscribe / Log in / New account

Secrecy and the DNS flaw

Secrecy and the DNS flaw

Posted Jul 10, 2008 18:10 UTC (Thu) by emk (subscriber, #1128)
In reply to: Secrecy and the DNS flaw by copsewood
Parent article: Secrecy and the DNS flaw

I think enough has been published concerning the flaw so that white hats should by now know enough about the nature of it to remediate the vulnerability, without specific attack code having to be published before they have a chance to do so.

Just to clarify my earlier remarks, I’m not arguing that Kaminsky should publish exploit code. But it would be nice to know, soon, what the actual threat is. There’s a big difference between describing a problem, and actually publishing exploit code.

I once maintained an (incredibly minor) fork of a DNS implementation. It wasn’t a caching resolver, so I’m assuming it’s not affected. But I'd feel happier if I actually understood the problem.

In response to your other remarks, I really hope this isn't a weak PRNG problem. That would be pretty embarrassing.

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds