Looking Back on Kaminsky’s DNS Bug

A lot has happened in the world of DNS since July 8th. Of course, that is when Dan Kaminsky revealed his now-famous DNS bug and the patching panic began. Since that time there have been many explanations of the bug, along with much discussion about how the bug can be exploited and why it is a big deal. I’ve contributed to this discussion in the form of two articles posted on LinuxJournal.com:

It isn’t often that the New York Times covers topics like the Domain Name System, but this security issue was enough to warrant two articles on the award-winning news site.

It’s been said many times by many people, but it really is amazing that this bug went undiscovered for 25 years.  Once it is explained it just seems so simple.  How could we not have seen it?

But how do we know that someone else didn’t discover this bug long ago?  For all we know, a bad guy may have been exploiting this issue for years, undetected.  This is why it is so important that the Internet community embrace full-disclosure security practices.  Information exists, and it’s better for it to be available to everyone, publicly, than to just the bad guys, privately.

Even if the bug had not been known before, and Dan didn’t accidentally find it, how do we know a bad guy wasn’t on the brink of discovering it?  How would the news media have reacted to the story in that case?

Let’s just be glad Dan Kaminsky is on our side.  :)
