By Rich Mogull and Glenn Fleishman
TidBITS Safe Computing
24 July 2008
On 08-Jul-08, a massive security patch was released by dozens of vendors
for a major vulnerability in DNS (Domain Name Service), discovered by
security researcher Dan Kaminsky. DNS is one of the fundamental
underpinnings of the Internet, translating domain names (like
tidbits.com) into IP addresses (like 220.127.116.11). Because DNS is so
core to the functioning of the Internet, this vulnerability is perhaps
the most significant security problem to face the Internet in the last
All users who connect to Mac OS X-based servers for DNS lookups are at
risk: Apple has not yet provided a patch, unlike dozens of other
companies that make or distribute operating systems or DNS server
Apple was clearly distracted by the largest set of launches in its
history: the iPhone 3G, the iPhone 2.0 software, the .Mac-to-MobileMe
transition, and the App Store. Nonetheless, their customers are now in
danger and Apple needs to respond immediately.
Attend Black Hat USA, August 2-7 in Las Vegas,
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com