[116439] in North American Network Operators' Group
Re: Dan Kaminsky
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Tue Aug 4 14:19:23 2009
To: Curtis Maurand <cmaurand@xyonet.com>
In-Reply-To: Your message of "Tue, 04 Aug 2009 13:32:42 EDT."
<4A7870BA.4020704@xyonet.com>
From: Valdis.Kletnieks@vt.edu
Date: Tue, 04 Aug 2009 14:19:08 -0400
Cc: Nanog <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1249409948_4151P
Content-Type: text/plain; charset=us-ascii
On Tue, 04 Aug 2009 13:32:42 EDT, Curtis Maurand said:
> > What does this have to do with Nanog, the guy found a critical
> > security bug on DNS last year.
> >
> He didn't find it. He only publicized it. the guy who wrote djbdns
> fount it years ago. Powerdns was patched for the flaw a year and a half
> before Kaminsky published his article.
Yeah, and Robert Morris Sr wrote about a mostly-theoretical issue with TCP
sequence numbers back in 1985. Then a decade later, some dude named Mitnick
whacked the workstation of this whitehat Shimomura, and the industry
collectively went "Oh ****, it isn't just theoretical" and Steve Bellovin got
to write RFC1948.
(Mitnick was the first *well known* attack using it that I know of - anybody
got a citation for an earlier usage, either well-known or 0-day?)
> "Wise people already saw this one coming 9 years ago, and had a fix in place."
Yes, but a wise man without a PR agent doesn't do the *rest* of the community
much good. A Morris or Bernstein may *see* the problem a decade before, but
it may take a Mitnick or Kaminsky to make the *rest* of us able to see it...
--==_Exmh_1249409948_4151P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFKeHuccC3lWbTT17ARAh3MAKC329a5mWMqASLRCoxyNxEGMxhaJQCeINj/
bGt5LH0BfTAoBwoCfPOgeGU=
=dukQ
-----END PGP SIGNATURE-----
--==_Exmh_1249409948_4151P--
