ISPs worldwide are racing to patch a flaw in the design of the Internet that could allow criminals to steal personal and financial details of Web users by diverting them to fake sites. The flaw resides in the procedures of the Domain Name System, which translates URLs into numerical Internet protocol. The problem underlines the dangers of the Internet's jumbled, decentralized architecture, in which no one entity can fix such a weakness, writes the New York Times.
The fault was discovered by 29-year-old programmer Dan Kaminsky, and in March he had an emergency meeting with computer security specialists at Microsoft. Although he has kept details of the security weakness a secret, they were published online, seemingly accidentally, by a computer security firm last week. Now the race is on to close the loophole. "You don’t get to tell the river you need more time until it floods," Kaminsky says.