[AfrICANN-discuss] Google blames DNS insecurity for Web
site defacements
SM
sm at resistor.net
Sat May 16 19:03:55 SAST 2009
At 04:36 16-05-2009, Dr Yassin Mshana wrote:
>Now we can see how end-to-end security measures by as proposed
>for/by DNSSEC could be handy.
The news article doesn't contain any technical information to
determine whether DNSSEC would have prevented the issue. The Google
Global Communications Public Affairs officer is quoted as saying:
"Google was not hacked, the problem occurred at the DNS level where someone
redirected the Internet Protocol to other sites. We contacted
the registry managers
in Uganda and Morocco about the DNS attack"
It is unclear what "someone redirected the Internet Protocol"
means. The operator of .ug is quoted as saying that "someone got
hold of DNS". Does that mean that there was an unauthorised change
at the ccTLD level? I'll point out that DNSSEC doesn't necessarily
prevent such an "attack".
>It is common to having to be redirected when one uses Google
>engines: that is how it should be but, the issue of security and
>authenticity of the "redirecting to where?" concerns me.
I am more concerned about how the incident is being treated as it
affected one or more countries instead of a ISP. The fact that it is
common to be redirected does not mean that it is how it should be if
we are concerned about security and authenticity.
The better question is to ask for a technical analysis of what
happened and what steps have been taken to prevent a recurrence.
Regards,
-sm
More information about the AfrICANN
mailing list