DNS flaw revelation fuels pressure to patch

Details of a major DNS flaw have been made public earlier than expected, spurring security experts on to patch the problem immediately.

Security researcher Dan Kaminsky had intended to reveal details on the vulnerability – that could allow hackers to redirect system traffic undetected – at Black Hat, the technical security conference. He had kept details under wraps to give ISPs time to patch the breach but did not give any details of the matter.

If the flaw remains unchecked, hackers would be able to impersonate any website, such as Google or banking sites, potentially causing chaos.

The bug's existence was revealed openly when security researcher Halvar Flake coincidentally created a theory that is similar to Kaminsky's findings on DNS, and posted his speculation on his own blog.

Then, security firm Matasano posted on its blog, backing up Flake's theory – a move that has attracted heavy criticism. Matasano swiftly removed the post and issued an apology. But its endorsement of the theory unsurprisingly has caused concern.

Kaminsky's blog, at http://www.doxpara.com/ says: “Recently, a significant threat to DNS, the system that translates names you can remember (such as www.doxpara.com) to numbers the internet can route (66.240.226.139) was discovered, that would allow malicious people to impersonate almost any website on the Internet.

“Software companies across the industry have quietly collaborated to simultaneously release fixes for all affected name servers.”

Kaminsky's most recent post (at the time of writing) urges administrators to patch their systems now. He says: “Patch.  Today.  Now. Yes, stay late.  Yes, forward to OpenDNS if you have to.”

Sign up to our newsletters