digg

Facebook Connect Join Digg About

Massive Internet security flaw uncovered

chicagotribune.com Security researchers on Tuesday said they had discovered an enormous flaw that could let hackers steer most people using corporate computer networks to malicious websites of their own devising.

Who dugg this? Made popular Jul 9, 2008

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

132 Comments

show profanity settings
expand all
  • sigsegfalt, on 07/09/2008, -0/+78Details of the flaw(s) are publicly available: http://www.kb.cert.org/vuls/id/800113

    Also, Dan Kaminsky's written a tool that lets you know whether the DNS server you're using is properly randomizing the source port it uses to make requests: http://www.doxpara.com/

    Having said that, what should the *normal* user do about all this? Nothing.
  • Mr.Gone, on 07/09/2008, -4/+58Wow, we need a color coded meter to tell us how at risk we are online!!!
  • thailand1972, on 07/09/2008, -3/+48I RUN NORTON YOU CANT HACK ME
  • inactive, on 07/09/2008, -5/+44Way for the company NOT to announce what the flaw is until the conference. Very useful.
  • marabout40, on 07/09/2008, -7/+46Well, now the hackers know we better get cracking on closing this hole.
  • inactive, on 07/09/2008, -11/+45Can I rope said steer? Sorry...I had to...hehe.
  • inactive, on 07/09/2008, -11/+42Yeah...i noticed this hole a few weeks ago...was going to mention it to someone but forgot...glad someone else caught it or we would have been *****.
  • t4ll3y, on 07/09/2008, -1/+31Soon you won't be able to go to CNN.com without getting rickrolled.
  • PopcornDave, on 07/09/2008, -0/+23And it will be just as effective as the crayola terrorist rating system we have now.
  • DangerMouse9, on 07/09/2008, -0/+19Better crayola than the names of paint.

    "Sir, we're at the threat level Mediterranean Sunset."
    "Wow, that sounds nice."
    "Uh, no it means that 10,000 people are going to die."
  • acmaurer, on 07/09/2008, -1/+20One thing I'm worried about is: The experts "hope that the patches are broad enough that evil types won't be able to reverse-engineer them to exploit the vulnerability." - I doubt that someone, somewhere won't be able to reverse the fix... :-/
  • inactive, on 07/09/2008, -0/+15I wonder how long it would take the hackers to discover the hole build a virus to take advantage of it.
  • ColonelTribune, on 07/09/2008, -0/+12Not long, probably
  • CrackyJSquirrel, on 07/09/2008, -0/+12WE ARE NOW AT BLACK WATCH PLAID!!!
  • DamnMan, on 07/09/2008, -0/+10You get a digg for that because i can only assume that level of utter stupidity was intentional sarcasm.
    if it wasn't sarcasm than may God have mercy on your soul.
  • Vosona, on 07/09/2008, -0/+10Then they'll shoot the biggest ***** missiles you will ever see at everyone else.

    With TANKS flying out of the explosions. In slow motion.
  • dullnation, on 07/09/2008, -2/+11Buried for delusional feeling of superiority.
  • vonskippy, on 07/09/2008, -2/+11Wow, DNS Cache Poisoning. That is NEWS.
  • rickpelletier, on 07/09/2008, -1/+10You are both idiots
  • ColonelTribune, on 07/09/2008, -3/+11Sounds like a bunch of hooey right now. That is, until someone says what the flaw actually IS.
  • whiteghetto, on 07/09/2008, -1/+9LOL, no one has exploited it yet?
    haven't there been a handful of DNS exploits in the last few weeks?
  • ponyfreak, on 07/09/2008, -1/+9Imagine the massive rick roll you can pull off with this vulnerability!
  • Doriath, on 07/09/2008, -0/+8In fact they won't be until next month, as was clearly stated in the article.
  • vroom101, on 07/09/2008, -0/+7More details...

    1. US-CERT Technical Cyber Security Alert TA08-190B -- Multiple DNS implementations vulnerable to cache poisoning: http://www.us-cert.gov/cas/techalerts/TA08-190B.ht ... (www.us-cert.gov/cas/techalerts/TA08-190B.html)

    2. Alliance forms to fix DNS poisoning flaw: http://www.securityfocus.com/print/news/11526 (www.securityfocus.com/print/news/11526)

    3. Major computer-security flaw prompts patch mania: http://latimesblogs.latimes.com/technology/2008/07 ... (latimesblogs.latimes.com/technology/2008/07/major-computer.html)
  • tcpip4lyfe, on 07/09/2008, -1/+7This story has been submitted in various forums today, a lot of them straight from the CERT site and only the one with the most sensational headline and the most watered down article is getting dugg. I miss old digg.
  • deviationer, on 07/09/2008, -0/+6http://www.securityfocus.com/news/11526?ref=rss
  • alach11, on 07/10/2008, -1/+7After careful research they have discovered a grave flaw in many corperate settings. Most offices are running Internet Explorer.
  • ybnormalman, on 07/09/2008, -0/+6What was that, 3 levels of blog spam just to get to the actual article? Sheesh!
  • imapluralist, on 07/09/2008, -0/+6Burying 6' for being a pretentious ass.
  • inactive, on 07/09/2008, -1/+7yeah, alright.

    too bad he beat you to it.
  • olliholliday, on 07/09/2008, -0/+5rtfa
  • tavisjohn, on 07/09/2008, -0/+5Use Open DNS!

    http://www.opendns.org
  • inactive, on 07/09/2008, -0/+4Exactly, this is the real link. You have to go to 3 webapges (4 if you count digg) just to get to the REAL story.
  • inactive, on 07/09/2008, -0/+4It has actually been around for over 3 years (when it was published). No matter, updates are available.
  • colonelxc, on 07/09/2008, -0/+4These guys beat you to it (upper right hand corner)
    http://isc.sans.org/

    Also, notice the most recent story, real details about the vulnerability talked about in this article.
  • nygrissplz, on 07/10/2008, -0/+3I'm not worried. I already have curtains installed, and I bought a dog.
  • otbeverly, on 07/09/2008, -1/+4Like the one showing currently on TV -- "speedupmypc.com" or something like that. Most of the commercial shows people using PCs complaining about how slow they are ... then at the end the guy goes "I went to speedupmypc.com and my computer is really running fast now," and he's using a Mac. I wonder if that is some guerilla marketing or something by Apple or if that Web site is just exploiting people's ignorance.
  • BOFH2, on 07/09/2008, -2/+5We seem to be fine.
  • h0zae, on 07/09/2008, -0/+3Kaminsky has been exposing DNS is for a long time. He should be labeled "the DNS God".

    This also proves how horrible/terrible hackers are /s
  • spidoman, on 07/09/2008, -2/+5They're going to hack the internets....


    All of them.
  • elhaf, on 07/09/2008, -0/+3If you rope the steer, he'll buy you a beer:
    http://www.securityfocus.com/news/11526/2
  • robdiggity, on 07/09/2008, -2/+5Wasn't comcast.net DNS cache poisoned like 2 weeks ago?
  • ericcire, on 07/09/2008, -2/+5Ha. If I were a 'sploiting kind, you wouldn't be able to go anywhere without getting rickrolled.
  • imakecomments, on 07/09/2008, -2/+5comment dugg for not saying would *of*
  • Velnich, on 07/10/2008, -0/+2Dugg your comment for saying I don't have to do anything about this.
  • inactive, on 07/10/2008, -0/+2Well, wouldn't that be quite a coincidence...?
  • Mr.Gone, on 07/09/2008, -4/+6I fear we are at Macaroni and Cheese Yellow online threat level!!!!
  • inactive, on 07/10/2008, -1/+3OMG norton! I must give up now!
  • sadsadrobot, on 07/10/2008, -0/+2I trusted you...
  • allanak, on 07/09/2008, -0/+2This is where the article should have been linked in the first place. What the hell does some writer at the Chicago Tribune know about DNS?
  • Fetching more discussions...
    Show 51 - 100 of 132 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.