[dns-operations] FireEye reports long-running DNS hijacking campaign

Bill Woodcock woody at pch.net
Sat Jan 12 21:40:55 UTC 2019



> On Jan 12, 2019, at 11:16 AM, Matthew Pounsett <matt at conundrum.com> wrote:
>> The unavailability of those two things (client DNSSEC validation and DANE) on end systems was, ultimately, why these attacks succeeded, and Apple Product Security has been very responsive, now that they’ve seen it in action.
>> 
> Do you know what that response is?  Any chance we're expecting to see DANE adoption in Apple products sometime soon?

That’s what we’ve been demanding since (yes, I checked my email before re-harrassing them) 2012.  Now that there was an actual serious attack that hinged on it, they seem to be taking it seriously.

It sounds like there are three parallel efforts underway: one to update the iOS security handbook, a second to get DNSSEC client validation integrated, and a third to try to move DANE forward.

Anything any of you can do to continue to encourage them would be great.

                                -Bill

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20190112/bf8fd920/attachment.sig>


More information about the dns-operations mailing list