[dns-operations] DNS issue accidentally leaked?

James Raftery james at now.ie
Wed Jul 23 00:02:29 UTC 2008


On 22 Jul 2008, at 19:10, Paul Vixie wrote:
> perhaps dan's defcon talk will open some remaining eyes among those  
> glued
> shut by the pride and prejudice of the minds behind them.

The dots may have been in plain sight but Dan seems to have figured  
out how to connect them in a devastating way. If what's been  
published so far is accurate it doesn't take a huge leap to see how  
it  might be packaged up into the mass-scale problem CERT & co.  
forewarned of.

Kudos to Dan. I look forward to his Black Hat talk so he gets to  
clear the air.


ATB,
james
-- 
``gettimeofday() and settimeofday() were included in SVr4 due to their
common use in BSD based applications.  They were to be included exactly
as in BSD, with two parameters.  However, AT&T/USL noted that the second
parameter was unused and deleted it, thereby making a routine included
for compatibility, incompatible.'' -- Solaris <sys/time.h>



More information about the dns-operations mailing list