Snappy newsletters. Simple Facebook sharing. Spirited comments. Sweet features are waiting… GET THEM NOW!

'Every Network Is at Risk' Thanks to Bug

Security expert says DNS flaw could cause Internet-wide chaos

By Kevin Spak, Newser Staff

Posted Aug 7, 2008 8:05 AM CDT

(Newser) – Security researcher Dan Kaminsky outlined what he calls the biggest Internet security hole since 1997 to a gathering of experts yesterday, and it's a lot worse than had been understood, Wired reports. “Every network is at risk,” Kaminsky said at the Black Hat conference in Las Vegas. "That's what this flaw has shown." The bug, a hole in the Domain Name Service, has wider implications than anyone realized when word of it leaked last month, Kaminksy said.

Hackers can not only use it to hijack web browers, they can also target FTP services, email servers, spam blockers, online banking protections, and other services. “There are a ton of different paths that lead to doom,” Kaminsky said. Since Kaminsky warned of the DNS flaw a month ago, many companies have patched their servers, but currently 58% of broadband users are still on unprotected servers, he said, as are 30% of Fortune 500 companies.

Dan Kaminsky, director of penetration testing for Seattle-based computer security consultant IOActive Inc., speaks at the annual Black Hat convention in Las Vegas, Wednesday, Aug. 6, 2008. (AP Photo/Jae C. Hong)

In this undated photo provided by IOActive Inc., Dan Kaminsky, director of penetration testing for Seattle-based computer security consultant IOActive Inc., is shown. (AP Photo/IOActive Inc.)

Attendees listen to a keynote speech by Dan Kaminsky, director of penetration testing for computer security consultant IOActive Inc., at the annual Black Hat convention in Las Vegas, Aug. 6, 2008. (AP Photo/Jae C. Hong)

« Prev« Prev | Next »Next » Slideshow

To report an error on this story, notify our editors.

More Newser Stories

Hackers Hit Internet Giant VeriSign

Firm is responsible for delivering people to more than half of all websites

(NEWSER) - Hackers managed to break into the servers of a crucial web company responsible for delivering users to more than half the websites in the world. VeriSign doesn't believe the attackers infiltrated its Domain Name System network—which is responsible for directing traffic to .com, .net, and .gov addresses on the Internet—but it can't rule it out. The attacks occurred in 2010, but only came to light today, when Reuters spotted them in an October SEC filing. More»

Latest Domain Name Hack Disguises Its Danger

Can secretly steer Windows users wrong

(NEWSER) - The misdirection of “open-recursive” DNS servers, which facilitate web-surfing by translating verbal domain names into numerical IP addresses, is the new, more covert face of cyber-criminality, and could explode into a new wave of phishing attacks, IDG News reports. Hackers can use these types of DNS servers to redirect a web user to pages of their choosing, regardless of the web address they entered. More»

Coming This Week: Dot-Anything

Domain name possibilities to explode on Thursday

(NEWSER) - The Internet is getting a makeover. Starting Thursday, the web will make a big step in moving way beyond dot-com , dot-net, and the like. For the first time since 2000, ICANN, the administrator of Internet addresses, will begin taking applications for a huge range of new top-level domain names. Now, companies large and small are racing to cash in on the transition, the Wall Street Journal reports. They're ready to pay the $185,000 application fee to become "registry holders" and control the letters to the right of the dot. More»

.xxx Porn Sites May Be Coming Soon

Icann to revisit proposal for adult domain name

(NEWSER) - If your plans to buy www.johndoe.xxx were hopelessly derailed when Icann reversed a decision to start selling .xxx domain names, never fear: The Internet’s governing body is set to revisit that ruling. “If the contract is signed, we could be selling names by the end of the year,” says the chairman of the group that would sell the names. If you hadn’t yet guessed, the .xxx domain would be used for adult websites. More»

Web Addresses Will Gain International Flavor

Chinese, Arabic, Hebrew domains, among others, will have support by 2010: ICANN

(NEWSER) - In the biggest change ever to the system, Web domains will soon be available in the native scripts of Chinese, Arabic, Hebrew, and other non-Latin-based languages. A proposal expected to be approved this week means “Internationalized Domain Names” could be up and running as soon as mid-2010. China and Thailand currently offer support for domains in their languages with non-standard workarounds, ZDNet reports. More»

NEWS FROM OUR PARTNERS

What is Newser?

Face it: there's too much news. At Newser, we choose the most thought-provoking and entertaining stories from hundreds of US and international sources and reduce them to a headline, picture, and two paragraphs. And we do it 24/7—you can come back morning, noon, night (and in between) for something new that matters. Read less, know more.

Learn more »

Partnering with: Slate

View Newser on the mobile website

'Every Network Is at Risk' Thanks to Bug

Security expert says DNS flaw could cause Internet-wide chaos

OTHER STORIES ON OUR RADAR

Internet • domain names • Internet security • phishing • Internet domains • cybercrime • Dan Kaminsky

MOST POPULAR STORIES

[ By Views ]

[ By Comments ]

More Newser Stories

Hackers Hit Internet Giant VeriSign

Firm is responsible for delivering people to more than half of all websites

Latest Domain Name Hack Disguises Its Danger

Can secretly steer Windows users wrong

Coming This Week: Dot-Anything

Domain name possibilities to explode on Thursday

.xxx Porn Sites May Be Coming Soon

Icann to revisit proposal for adult domain name

Web Addresses Will Gain International Flavor

Chinese, Arabic, Hebrew domains, among others, will have support by 2010: ICANN

About Us

Site

Newser By Users

Community

Site Maps

Tools

More News

What is Newser?

'Every Network Is at Risk' Thanks to Bug

Security expert says DNS flaw could cause Internet-wide chaos

Bookmark & Share

OTHER STORIES ON OUR RADAR

Internet • domain names • Internet security • phishing • Internet domains • cybercrime • Dan Kaminsky

MOST POPULAR STORIES

[ By Views ]

[ By Comments ]

More Newser Stories

Hackers Hit Internet Giant VeriSign

Firm is responsible for delivering people to more than half of all websites

Latest Domain Name Hack Disguises Its Danger

Can secretly steer Windows users wrong

Coming This Week: Dot-Anything

Domain name possibilities to explode on Thursday

.xxx Porn Sites May Be Coming Soon

Icann to revisit proposal for adult domain name

Web Addresses Will Gain International Flavor

Chinese, Arabic, Hebrew domains, among others, will have support by 2010: ICANN

About Us

Site

Newser By Users

Community

Site Maps

Tools

More News

What is Newser?