

Bitsquatting: DNS Hijacking without exploitation (2011) - jasonmp85
http://dinaburg.org/bitsquatting.html?ref=goog

======
faded242
This was in my opinion one of the best talks at defcon a few years back. I
replicated this with some CDN domains, and was amazed at the number of bits
that were being flipped out there that drove traffic to my test systems. It
would have been very easy to serve up content that could have caused a lot of
problems.

~~~
placeybordeaux
It would be really interesting to see what mitigation would be possible if
this became a serious problem. I suppose the simplest solution is for the
responsible cdns to just buy up all of their bitneighbors.

~~~
rdc12
Or shifting most devices to using some form of ECC memory

------
drfuchs
I wonder how many "single bit errors" are due to hardware faults vs. how many
are due to software accidentally setting/unsetting a single bit binary flag
through a wild pointer. It would also be interesting to know what percentage
of the errors were a zero-to-one flip vs. a one-to-zero, and how well this
matches with the expectation of the direction of actual single-bit hardware
errors (which I also don't know). Actually, it's also interesting to know
which bits were more likely to change; presumably hardware errors are
distributed evenly over the eight different bits of a byte, while one might
guess that flag bits erroneously (re)set by software might be more likely to
be in the low end of a byte.

