Comment Yay, I got slashdotted! (Score 4, Interesting) 49
I should really visit
Comment This only affects BIND and Unbound users (Score 1) 132
It is generally not made clear that problems are only to be expected for those users behind DNS resolvers that ask 'DNSSEC OK=1' questions by default.
Such 'do=1' default behaviour was enabled in BIND, most likely in an effort to 'make the world safe for DNSSEC'. Even though no further DNSSEC processing is performed by default.
Other implementations, like PowerDNS & DJBDNS, do not wantonly ask 'DNSSEC OK=1' questions. This means that for these (and other) resolvers, on May 5th nothing will happen.
The 'testing' sites linked do not clarify if you are behind a resolver that asks 'do=0' or 'do=1' questions, and may thus lead to needless worry.
Cheers,
Bert - PowerDNS.
Scientists Say a Dirty Child Is a Healthy Child 331
Researchers from the School of Medicine at the University of California have shown that the more germs a child is exposed to, the better their immune system in later life. Their study found that keeping a child's skin too clean impaired the skin's ability to heal itself. From the article: "'These germs are actually good for us,' said Professor Richard Gallo, who led the research. Common bacterial species, known as staphylococci, which can cause inflammation when under the skin, are 'good bacteria' when on the surface, where they can reduce inflammation."
Comment Re:NLnet Labs software (Score 1) 237
This is where i want to declare: I did _not_ vote on this thread. ;-)
Zap (PowerDNS fanboy)
Comment Re:powerdns was vulnerable, but differently (Score 1) 237
I think Leto was right to say that PowerDNS was affacted by the Kaminsky whatnot, _in_ _a_ _way_.
Bert, you need to read those first two sentences of leto slowly and carefully, he wasn't saying that PowerDNS recursor was 'spoofable' in any way, just that it was _affected_, and i think thats true somehow.
Zap
Comment Re:powerdns was vulnerable, but differently (Score 1) 237
Paul,
I'd love to know more about how PowerDNS could be spoofed more easily - I'd love to fix it. Since Kaminsky, nothing has changed within the PowerDNS Recursor, so anything you've discovered is still relevant!
Bert
Comment Re:DoS on PowerDNS? (Score 3, Informative) 237
Nothing too serious, probably a prank from some bored employees at the time. We asked some of the Nominum people what they were up to, since we'd been receiving packets that caused PowerDNS to crash from Nominum IP space.
I seem to recall one of their (ex-)employees eventually even told us which bug they had been triggering.
I don't for a moment believe this was a Nominum-sanctioned activity.
But this is all way back in the mists of time, the beginning of 2002.
Bert
(PowerDNS)
Submission + - Nominum calls Open Source DNS 'a recipe for proble
Raindeer writes: "In an effort to promote its new Cloud based DNS service SKYE, Nominum one of the commercial DNS-software, providers slaundered all open source/freeware DNS packages. It said: "Given all the nasty things that have happened this year, freeware is a recipe for problems, and it's just going to get worse.(....) So, whether it's Eircom in Ireland or a Brazilian ISP that was attacked earlier this year, all of them were using some variant of freeware. Freeware is not akin to malware, but is opening up those customers to problems. " This has the DNS community fuming. Especially when you know Nominum was one of the companies affected by the DNS Cache poisoning problem of last year. Something PowerDNS, MaraDNS and DJBDNS all open source weren't vulnerable too."
Submission + - Nominum calls Open Source DNS 'a recipe for proble
Raindeer writes: "In an effort to promote its new Cloud based DNS service SKYE, Nominum one of the commercial DNS-software, providers slaundered all open source/freeware DNS packages. It said: "Given all the nasty things that have happened this year, freeware is a recipe for problems, and it's just going to get worse.(....) So, whether it's Eircom in Ireland or a Brazilian ISP that was attacked earlier this year, all of them were using some variant of freeware. Freeware is not akin to malware, but is opening up those customers to problems. " This has the DNS community fuming. Especially when you know Nominum was one of the companies affected by the DNS Cache poisoning problem of last year. Something PowerDNS, MaraDNS and DJBDNS all open source weren't vulnerable too."
Comment Re:Well.. (Score 1) 197
I was BOUND but then i became UNBOUND by PowerDNS. ;-)
Comment Re:god they should learn programming (Score 1) 197
it's not an article but a security advisory. meaning _if_ you run BIND9 somewhere please do read it. ;-)
Comment I don't see whats so problematic about it... (Score 1) 589
... after all i thought as it's the U.S. of A. you still have the right to shoot the FCC Trespasser before he can identify her/himself, right? ;-)
Comment Re:Simple: (Score 0, Redundant) 821
hmm well he set up the other routers in a way that they loose their configuration upon reload/powercycle - maybe a city-wide EMP is not what city officials would want. I suppose they're still keen to gain access to the rest of the equipment. ;)
VIA Quits Motherboard Chipset Business 192
arcticstoat writes "Following the media hit that was VIA's Nano processor, VIA says that it's now quitting the motherboard chipset business that used to be its bread and butter product for years. VIA's vice president of corporate marketing in Taiwan, Richard Brown, explained that: 'Intel provides the vast majority of chipsets for its processors and, following its purchase of ATI, AMD is also moving very quickly in the same direction.' VIA will still be developing chipsets for integrated motherboards featuring the Nano CPU, but will no longer produce chipsets for Intel and AMD CPUs. Was this the right decision, and where does this leave other third-party chipset manufacturers such as SiS?" Seems like this is a tough business to stick around in.
Apple Can Remotely Disable iPhone Apps 550
mikesd81 writes "Engadget reports Apple has readied a blacklisting system which allows the company to remotely disable applications on your device. It seems the new 2.x firmware contains a URL which points to a page containing a list of 'unauthorized' apps — a move which suggests that the device makes occasional contact with Apple's servers to see if anything is amiss on your phone. Jonathan Zdziarski, the man who discovered this, explains, 'This suggests that the iPhone calls home once in a while to find out what applications it should turn off. At the moment, no apps have been blacklisted, but by all appearances, this has been added to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down. I discovered this doing a forensic examination of an iPhone 3G. It appears to be tucked away in a configuration file deep inside CoreLocation.'" Update: 08/11 13:07 GMT by T : Reader gadgetopia writes with a small story at IT Wire, citing an interview in the Wall Street Journal, in which this remote kill-switch is "confirmed by Steve Jobs himself."
Slashdot Top Deals
Crazee Edeee, his prices are INSANE!!!
