My buddy Russ McRee over at Holistic Infosec had sent me this [ICANN Preliminary Report on DNS Response Modification, 17 pgs.] and I thought about it for a while, read the [overly lengthy] paper, and have some thoughts.
First off, it's ridiculous that we, in 2008, still have a DNS system that's so susceptible to breakage either by grayhat marketing types, or blackhats. I've seen papers, proposals, organizations and consortiums, hacking info, and other crap being kicked around for more secure DNS systems, or a revamp of the existing infrastructure for the last 10 years or so - and to date nothing has happened. With all the talk you figure someone would have done something about it by now! What continues to astonish me is that we're adding more lipstick to an already ugly pig (DNS is an ancient protocol, before security was a real issue) but nothing has been said that Google has been able to show me that indicates that anyone out there is serious about restructuring the underpinnings of the ailing DNS infrastructure.
Second, do we really need such a LENGTHY paper to describe what essentially amounts to DNS hijack? I understand there are different terms for it, and you can write for volumes about the different scenarios in which a hijack can happen - but who out there doesn't understand the logistics behind it yet?
I can't help but think that ICANN should be doing something about this, spearheading an effort to remediate this obvious security, stability, and legality issue.
To quote an old UnderDog episode - "Is there no one out there who can save us?"
btw... thanks Russ, for getting me going on a Monday morning.