

 Worst DNS Security Incidents - securls
http://www.securityweek.com/top-five-worst-dns-security-incidents

======
tptacek
The only genuinely serious DNS incident in this article is Kaminsky's query-ID
bug. A better article might have noted all the times in the past when the DNS
has been similarly exposed. Like the time Eugene Kashpureff tried to create an
entire alternate domain name registrar using cache poisoning attacks. I note,
smugly, that the Internet didn't fall around our ears then, nor has it
recently.

DNSSEC will cause more problems than it claims to solve.

~~~
alecco
[From my limited knowledge] Wouldn't DNSSEC bring more uncompetitive
centralization around the usual suspects?

------
powrtoch
Back when Cha-Cha (one of those SMS-based question answering services) was
newish, I texted them asking how I could go about taking down the entire
Internet (you know, just to see what they'd say). They told me twice that it
was impossible, then the third time when I mentioned targeting the DNS
specifically, they just informed me that even if I did succeed, I would surely
go to jail.

A disappointing response, I thought.

~~~
securls
I wouldn't really trust Cha-Cha for information security / infrastructure
advice ;)

