BSDer writes: An Israeli security researcher published a paper few hours ago, detailing attacks against Mac, OpenBSD and other BSD-style operating systems. The attacks, says Amit Klein from Trusteer enable DNS cache poisoning, IP level traffic analysis, host detection, O/S fingerprinting and in some cases even TCP blind data injection.
The irony is that OpenBSD boasted their protection mechanism against those exact attacks when a similar attack against the BIND DNS server was disclosed by the same researcher mid 2007. It seems now that OpenBSD may need to revisit their code and their statements.
According to the researcher, another affected party, Apple, refused to commit to any fix timelines. It would be interesting to see their reaction now that this paper is public.
Humanity has the stars in its future, and that future is too important to be
lost under the burden of juvenile folly and ignorant superstition.
- Isaac Asimov