EXAMINER PUBLICATIONS – SEPTEMBER 3, 2008
By Rich Trzupek
“So, did you know that the internet was broke?” my nephew Brian, who knows about these things, asks me. However, although Brian is a brilliant programmer, he is also a remorseless (yet lovable) jerk-wad, as fond of the outrageous statement as he is of “object oriented programming” (whatever the hell that is), or of his kids for that matter. I assume this is going down the wise guy road and give him the obligatory eye roll.
“Rrrrrright,” I say.
“No, really. It was broke. The whole thing.”
“What the hell are you talking about?” I reply, recognizing the Brian is entirely serious, an attitude that is easily identifiable because one encounters it so rarely in my eldest brother’s middle son. And thus he begins to unfold the tale…
A caveat before we begin: while I claim the right to speak authoritatively about matters involving chemistry, the environment and the Chicago White Sox (because I was educated in the first discipline, have practiced for over 25 years in the second, and have been a fanatic all my life about the third) I can not pretend to be an expert in the world involving bits of bytes. I am, somewhat, out over my skis here.
But, while I may err in some of the details, I am certain that I am not mistaken in the substance of the message. The internet, though on the mend, was broken, in a way that was – to my sensibilities anyway – pretty frightening.
The problem revolved around the Domain Name System, or DNS – the ‘phone book’ for the Internet. This is the means by which, when you type in the website address “www.trzupekblows.com” (or whatever) you actually get to the website run by the person who registered, and owns, that website. Similarly, when you send e-mails to and from that site, the message gets to its intended recipient, and to ONLY the intended recipient.
There is, naturally, a level of security involved in this, to ensure that only the owner of the domain in question (or his authorized agents) can control the traffic and the e-mails. If you run a bank, for example, you don’t want some hacker to take over your domain and redirect all your traffic to a place of his choosing.
Until very recently, the majority opinion in the world of the web elite was that compromising DNS security, if not absolutely impossible, was – as a practical matter – very, very improbable. That WAS conventional wisdom, until legendary web security researcher Dan Kaminsky spoke at the Black Hat convention (a rather important gathering of computer geeks, I am led to believe) in Las Vegas on August 6. There, Kaminsky demonstrated something rather amazing: that he could hijack any website in eight seconds.
I will pause, while you consider that.
“I spent the last month terrified of large companies having all their e-mail stolen because of a bug that I found,” Kaminsky is quoted as saying, in an article posted on eWeek.com.
“The impact of the DNS protocol flaw discovered by Dan Kaminsky is much wider than previously thought, endangering the trust many of us take for granted,” Brian Prince, the author of the article wrote.
The good news is that a fix is in the works. Nephew Bri reports that his company, Trustwave.com, and others like it are on the job, repairing what has been broken for a long time. The majority, though not all, of the net is repaired he reports.
If you have a website of your own, it’s unlikely that you need to do anything yourself. Most domains (including your humble correspondent’s host) are controlled by large communication companies – Verizon, ATT, etc. – who have the physical servers that act as “nodes” on the net. If you work for a large company that has its own node however, you may want to check this issue out.
We seemed to have dodged a bullet this time, and – while that’s great – there are a couple of lessons to be learned here.
First, even in the realm of science and technology, the majority is not always right, nor should they presumed to be so. Prior to August 6, 2008, the vast majority of articles and blogs that I looked at pooh-poohed (with extra pooh) the idea that DNS security was a real issue. After August 6, 2008, that opinion seems to have virtually disappeared.
So, if I may connect the dots for you – the “fact” (which I dispute) – that the “overwhelming majority” of scientists agree that mankind is causing global warming does not mean that the “overwhelming majority” opinion is right.
Secondly, you can’t trust the mainstream media to report these kinds of stories. Did you read about this in any of the big dailies, or hear about it on the 10 o’clock news?
The New York Times gleefully devoted 44 straight days of front page headlines to the exploits of group of rogue guards serving at a prison, in a war zone, whom abused (but did not seriously harm) prisoners of war. But, when it has been shown that the entire World Wide Web could have been ripped to shreds? It’s: “ah, who cares about that – what can we rip Bush on today?”
Some may mock the news and views available via the internet, and may lament the decline of the mainstream media, but I say: “don’t let the door hit you in your bloated ass on the way out” to the mainstream media. The mainstream media is full of more crap than a forest preserve porta-potty.
The majority of journalism majors don’t understand technical or scientific focused stories, nor do they have the skills to discern between real experts in the field and the pretend ones. The future of the media, therefore, belongs to a new, more focused media: locally-focused publications, like The Examiner, that buck the trend of the big boys because we understand – and make a strength of – our limitations; and the wealth of specialists who populate the blogosphere, and who so often embarrasses what (will soon no longer be) what we called “that mainstream media.”