[PRCo] Re: Fwd: Courts Muzzles Hackers Who Wanted To Explain How To Get Free Subway Rides
Derrick J Brashear
shadow at dementia.org
Tue Aug 12 14:13:41 EDT 2008
On Tue, 12 Aug 2008, BobDietrich wrote:
> I read last week where someone had a paper to present uncovering a serious
> flaw in most Web design that allows a hacker to redirect input to a
> different site allowing them to get credit card info etc. The presenter
> says his information will point out areas that need fixed so legit companies
> can fix them. Naysayers say it would just give more hackers opportunities
> to hack. I don't know if the paper was presented or not, but not too many
> companies are interested in making wholesale Web changes.
>
> What say you Derrick, am I all wet with this?
Would this be Dan Kaminsky's DNS paper? I read the exploit the day it was
leaked, upgraded my own DNS server a couple minutes later.
The issue is I am in a coffeehouse now. I'm not using my DNS server. I'm
using theirs. (I trust theirs, in this case, but not in every case...)
It's a real issue. There are no doubt others like this lurking. Part of
the problem is understanding the risks in things you do, online as well as
elsewhere. A lot of people don't. It's the same as walking down the street
with your nice camera out. Just because the area "looks like a nice
neighborhood" doesn't mean it is. Just because it is one doesn't mean
you're safe either.
More information about the Pittsburgh-railways
mailing list