18

Dec '23

Domain Name System is once again front and center for exploits and security policy – SiliconANGLE News

UPDATED 12:41 EST / JUNE 26 2023
by David Strom
Two recent events are once again bringing the internet’s foundational Domain Name System into the news, and not in a good way.
The first event involving the DNS last week was a warning from the Cybersecurity Infrastructure and Security Agency issued on Friday for version 9 of the Berkeley Internet Name Domain, or BIND.
It calls attention to three exploits that were disclosed and requires updates to this open source software, which is used by thousands of companies and government websites to translate the alphabetic domain names, such as SiliconANGLE.com, and a set of numerical IP addresses, such as like 35.91.118.127, back and forth. The exploits would allow remote malware execution, although none has yet been observed in the wild.
DNS is an essential glue protocol that almost every internet-related service depends on, and BIND is the most popular way DNS entries are manipulated and managed. Exploits are common targets for hackers, who can redirect traffic to their own malicious destinations, useful for phishing and subsequent data stealing operations. The recent Microsoft Layer 7 attack, for example, leveraged a few DNS exploits.
This isn’t the first alert regarding BIND, and isn’t even the first alert seen in 2023: Back in January, there was another alert that could cause denial-of-service and other system failures. Both alerts urge users to update their versions to current patched levels.
The second news item relevant to DNS concerns an open letter issued Friday by Vint Cerf, Stephen Crocker, Carl Landwehr and several others, entitled “Concerns over DNS Blocking.” The authors of this Medium post have been involved in internet protocol development and overall internet governance for decades.
The letter was sent in response to a draft bill under consideration in the French parliament entitled draft Military Planning Law 2024-2030 that was issued in early May. The authors state that the proposals “pose grave risks for global Internet security and freedom of expression.”
The meat of the proposed laws would enable wholesale DNS blocking of any internet provider operating in France. The authors claim the proposals would do more harm than good, and they fear they “might set a troubling precedent that could inspire similar measures in democratic and non-democratic jurisdictions alike — with global implications for security and online freedom.”
Part of the issue cited by Cerf, who is vice president and chief internet evangelist at Google LLC and was the former chair of the major internet governing body ICANN, and the others is that DNS blocks could be used for the wrong reasons, such as suppressing dissent, censoring information or conducting surveillance. These blocks are already familiar in China and North Korea, among other places.
“Lots of countries block or seize domain names including the US (usually the Immigration and Customs Enforcement component of the Border Patrol),” Cerf told SiliconANGLE. He said that he hadn’t yet received a response, “although it is the first work day since we posted the letter.”
DNS manipulation is a common tool that is used by many internet users and businesses. There are products, such as the recently introduced Google Cloud Armor, that screen out suspicious denial-of-service attacks and ransomware. Other services are offered free of charge, such as from Cloudflare Inc.,  as well as OpenDNS from Cisco Systems Inc., and others called DNS open resolvers.
For example, Google offers an open DNS resolver at http://8.8.8.8. Today about 21% of French users rely on an open DNS resolver, the letter cites.
The French proposal will target internet service providers. But the letter claims that these DNS resolver providers will also have to comply, and to do so they would be forced to apply the blocks globally.
“Consider a hypothetical scenario in which an authoritarian regime were to demand, under its own domestic laws, that open resolvers globally block the domain of a news organization for reporting on human rights abuses in their country,” Cerf and the others wrote. “More users would seek out risky infrastructure to bypass the filters.”
Worse, another interpretation of the legislation would be blocking that would be needed by every internet browser provider with French customers. That would introduce an additional level of confusion and pain, perhaps eclipsing the original purpose of the laws.
THANK YOU
Final four thoughts From AWS re:Invent 2023
Beyond separating compute and storage: Journey to the sixth data platform
Google makes its AI-powered NotebookLM note-taking application broadly available
Microsoft-OpenAI partnership draws antitrust scrutiny in the UK and US
Google finally joins the gen AI race in earnest, and now it’s really wide open
Google draws criticism for demo video of its new Gemini large language model
Final four thoughts From AWS re:Invent 2023
CLOUD – BY ZEUS KERRAVALA . 6 HOURS AGO
Beyond separating compute and storage: Journey to the sixth data platform
BIG DATA – BY GUEST AUTHOR . 17 HOURS AGO
Google makes its AI-powered NotebookLM note-taking application broadly available
AI – BY MARIA DEUTSCHER . 2 DAYS AGO
Microsoft-OpenAI partnership draws antitrust scrutiny in the UK and US
POLICY – BY MARIA DEUTSCHER . 2 DAYS AGO
Google finally joins the gen AI race in earnest, and now it’s really wide open
AI – BY ROBERT HOF . 2 DAYS AGO
Google draws criticism for demo video of its new Gemini large language model
AI – BY MARIA DEUTSCHER . 2 DAYS AGO
Forgot Password?
Like Free Content? Subscribe to follow.

source

Share:

Facebook
Twitter
LinkedIn
Joker
Joker

Joker has been buying and selling domains since the late 90's. He has worked with many portfolios and investors over the past decade as well.

Leave a Reply

Your email address will not be published. Required fields are marked *