[AfrICANN-discuss] Google blames DNS insecurity for Web site defacements

SM sm at resistor.net
Sat May 16 19:03:55 SAST 2009


At 04:36 16-05-2009, Dr Yassin Mshana wrote:
>Now we can see how end-to-end security measures by as proposed 
>for/by DNSSEC could be handy.

The news article doesn't contain any technical information to 
determine whether DNSSEC would have prevented the issue.  The Google 
Global Communications Public Affairs officer is quoted as saying:

    "Google was not hacked, the problem occurred at the DNS level where someone
     redirected the Internet Protocol to other sites. We contacted 
the registry managers
     in Uganda and Morocco about the DNS attack"

It is unclear what "someone redirected the Internet Protocol" 
means.  The operator of .ug is quoted as saying that "someone got 
hold of DNS".  Does that mean that there was an unauthorised change 
at the ccTLD level?  I'll point out that DNSSEC doesn't necessarily 
prevent such an "attack".

>It is common to having to be redirected when one uses Google 
>engines: that is how it should be but, the issue of security and 
>authenticity of the "redirecting to where?" concerns me.

I am more concerned about how the incident is being treated as it 
affected one or more countries instead of a ISP.  The fact that it is 
common to be redirected does not mean that it is how it should be if 
we are concerned about security and authenticity.

The better question is to ask for a technical analysis of what 
happened and what steps have been taken to prevent a recurrence.

Regards,
-sm 



More information about the AfrICANN mailing list