[dns-operations] DNS issue accidentally leaked?

David Dagon dagon at cc.gatech.edu
Tue Jul 22 04:42:05 UTC 2008


On Mon, Jul 21, 2008 at 07:34:53PM -0400, Matthew Pounsett wrote:

>  Not so accidentally.  It appears (to me) to be a deliberate
> self-aggrandizement move by one particular security speculator.  The
> posting

I thought this as well originally.  But it appears to have been an
"accidental" blog post.

The post originally appeared at:

http://www.matasano.com/log/1103/reliable-dns-forgery-in-2008-kaminskys-discovery/

It was evidently put up in error.  The blog owner, Thomas Ptacek,
originally drafted a story that was ready to be posted in August.  But
it was then published by an "E.Copeland" on the blog.  (Some analysis
via LinkedIn/Facebook suggests E.Copeland is Erin Ptacek, perhaps the
wife of the blog owner.)

The post was taken down (but is cached in countless RSS feeds and
pastebin pages).  Thomas Ptacek then posted an apology:

http://www.matasano.com/log/1105/regarding-the-post-on-chargen-earlier-today/

Note that the apology confirms the validity/accuracy of the story
easily found in so many RSS caches.  

So while I don't know if the post was deliberate, it was clearly
negligent at best.  Moreover, the apology adds to the harm by
confirming the validity of the approach.  (I.e., among all the
speculations on the Internet, this one has been self-identified as the
"right answer", thanks to the apology; attackers need look no
further.)

Thus, I think DNS operators should best assume the details have been
divulged (and then validated); code will surely follow.

-- 
David Dagon              /"\                          "When cryptography
dagon at cc.gatech.edu      \ /  ASCII RIBBON CAMPAIGN    is outlawed, bayl
Ph.D. Student             X     AGAINST HTML MAIL      bhgynjf jvyy unir
Georgia Inst. of Tech.   / \                           cevinpl."


