[dns-operations] CERT VU#800113 Multiple DNS implementations vulnerable to cache poisoning
Michael Monnerie
michael.monnerie at it-management.at
Thu Jul 10 09:53:53 UTC 2008
On Donnerstag, 10. Juli 2008 Otmar Lendl wrote:
> In his experience, users simply ignore those warnings.
Of course. Because they just cannot understand what the message on the
screen means. It's like you make a complete medical check and get the
results in doctor's language (latin TLDs and such). After all, what
should the user do? If he clicks no, he cannot do netbanking. So he'll
try again and click yes, and it (seems to) work. Programs would have to
deny access and display the telephone number of the hotline, that would
be the only help.
Every day I see end users doing the wrong thing. Otherwise the virus
problem would be negligible.
mfg zmi
--
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0660 / 415 65 31 .network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4
// Keyserver: www.keyserver.net Key-ID: 1C1209B4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20080710/b61de9cc/attachment.sig>
More information about the dns-operations
mailing list