[124891] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Comcast DNS entries temporarily hijacked

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Fri May 30 14:27:41 2008

To: cryptography@metzdowd.com
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 30 May 2008 14:02:16 -0400

Apparently some pranksters hijacked Comcast's DNS entries for a few
hours:

http://www.heise-online.co.uk/security/Comcast-domain-diverted-by-crackers--/news/110831

[Hat tip to Bill Squier for pointing the article out.]

This is hardly the first time such a thing has happened. No great harm
was done, but considerable harm could have been done.

For example, one wonders what would happen if bank like Chase that
foolishly trains their users to type passwords into non-https
protected pages had their DNS hijacked for a while. (Indeed, given the
fact that most users always ignore certificate warnings, even a pretty
good bank that consistently used https would have serious trouble.)

Perry
-- 
Perry E. Metzger		perry@piermont.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[124891] in cryptography@c2.net mail archive

Comcast DNS entries temporarily hijacked

daemon@ATHENA.MIT.EDU (Perry E. Metzger)Fri May 30 14:27:41 2008

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Fri May 30 14:27:41 2008