DNS Security Hole Threatens Internet

Security experts are warning that a major Domain Name Service (DNS) hole could have catastrophic results for the web in the near future. DNS, which is responsible for converting readable names into IP addresses for individuals and major firms alike, is nothing less than the Internet's phonebook.

Without it, imagine the Information Superhighway littered with the overturned, flaming vehicles of visitors.

What's wrong?

So that names indexed by DNS are not repeated with every network connection, systems store the results in a cache for a temporary period. If a hacker could slip false addresses into that cache, he or she could essentially take control of those network connections. Thus, the gaping hole in the DNS could lead to phishing campaigns, password theft, and credit card plundering the likes of which we've never seen before (but always feared). (Source: heise-online.co.uk)

Although it's certainly difficult to replicate the randomly chosen 16-bit transaction ID to make the hack, security researcher and web genius Amit Klein has shown it can be done. Security firms know that if this guy can do it, someone with more sinister intentions eventually could, too.

A solution may be on the way, given that the friendly Klein can offer help. More importantly, security expert Dan Kaminsky has discovered a general method that reduces the odds of a crack sufficiently, preventing cache 'poisoning' for the time being. (Source: abc.net)

Kaminsky doesn't plan on revealing his plan or preliminary research until Black Hat in August. We'll just have to hope the web doesn't become hell's highway between now and then.