I like to think that I’m relatively well-informed when it comes to basic personal computer security, and my life is made considerably easier by not having to worry about using a Windows box. Technically I have one at work, but the IT guys are pretty good, and besides, I only use it every month or so when the Company sends out some stupid form that can only be accessed via the internal network and on IE.
But I have to say that I only really barely knew of the existence of DNS Cache Poisoning, and didn’t know that the fix was (sorta) being implemented. DNS Cache Poisoning is similar to a phishing email with a link that purports to be from eBay but is really for www.istealyourcreditcardinfo.com with a spoofed URL… except that it occurs on the browser level.
Think about that for a second… it’s kinda spooky. What that means is that you can open your browser of choice, type in a URL, and arrive at a webpage that looks just like what you’d expect (say, your eBay or PayPal or bank login page), except that it’s really a fake. For those of you under 30 who don’t remember a time before fast internet, the quick explanation is that the interwebs are not made of ASCII-character URLs but of IP addresses, domain names, etc., which are all numbers. So if you type in www.mybank.com, your browser has to convert that to some sequence of numbers and THEN connect you to the right page.
So anyway, what if some dastardly guy could hack that words-to-numbers conversion? You’d be hosed, that’s what. And you’d think that the Internet Companies would want to fix that immediately, right?
Wrong… because just like the Telecoms, the Internet (no-service) Providers don’t care about you (maybe because they are now all the same companies?)… In fact, they kick puppies and drown kittens.
I’ve probably bored y’all long enough, but I encourage people to check out Kaminsky’s (he who discovered the bug and pushed for it to be fixed) website directly. You can also click a button that will tell you whether or not your ISP has implemented the fix.