The Internet has undergone a key upgrade that promises to stop cyber criminals from using fake Web sites that dupe people into downloading viruses or revealing personal data.
The agency in charge of managing Internet addresses teamed with online security services firm VeriSign and the US Department of Commerce to give Web sites encrypted identification to prove they are legitimate.
“This is, by any measure, an historic development,” Internet Corp for Assigned Names and Numbers (ICANN) chief executive Rod Beckstrom said at a premier Black Hat computer security conference in Las Vegas on Wednesday.
“This security upgrade matters to everyone who uses a computer, and that means most of us,” he said.
The Domain Name System Security Extensions (DNSSEC) basically adds a secret, identifying code to each Web site address.
The domain name system is where the world’s Internet addresses are registered and plays a key role in enabling computers around the world to speak with one another online.
Applications commonly used on the Internet can be tailored to essentially check the ID of a Web site to make certain it is what it claims to be, according to Dan Kaminsky, a hacker turned computer security specialist.
For example, Web browser software such as Google or Bing could be adapted to tell whether a bank log-in page is authentic.
“When a user receives an e-mail from a bank they should know it came from a bank,” Kaminsky said. “This is something we needed as engineers to make this a reality.”
A frightening structural flaw in the foundation of the Internet revealed by Kaminsky at Black Hat here two years earlier led to the “biggest structural” upgrade to the Web in decades, Beckstrom said.
“I can’t say I really knew what I was getting into when I broke that whole DNS thing,” Kaminsky quipped as he took part in a press conference announcing the Internet improvement.
Kaminsky is chief scientist at New York start-up Recursion Ventures and worked with ICANN and VeriSign on the upgrade.
Internet engineers have been toiling on DNSSEC for 18 years, but technical and political obstacles stalled progress, Internet Engineering Task Force chairman Russ Housely said in a video call from a meeting of the group in the Netherlands.
“It can be thought of as tamper-proof packaging for the domain name structure,” Housely said.
“The whole Internet engineering community is excited by this development,” he said.
IETF members at the meeting toasted the announcement with champagne, which “I assure you is not a common occurrence at a gathering of engineers,” he said.
It will take time for Internet firms to take advantage of DNSSEC and for it to be applied to local domains in every country, Kaminsky said.
“We are on Day One of a multi-year journey,” he said.
DNSSEC strips cyber criminals of being able to use attacks that involve manipulating code to redirect people from legitimate Web sites to fake pages rigged with malicious code or asking for passwords and other valuable data.
‘ABSURD MISTAKE’: The election commission said that there had been a failure to anticipate turnout after 14 polling stations ran short of ballot papers South Korean riot police yesterday cleared protesters from a Seoul polling station after a 35-hour blockade sparked by a shortage of ballot papers during local elections earlier this week. Wednesday’s election was the first nationwide vote since South Korean President Lee Jae-myung took office following the ouster of Yoon Suk-yeol over his short-lived martial law declaration. Lee’s ruling Democratic Party swept most races, but failed to flip the crucial Seoul mayoral seat. The South Korean National Election Commission apologized, blaming a failure to anticipate turnout after 14 polling stations in Seoul ran short of ballot papers. Some polling stations stayed open until 10pm to
France experienced its hottest spring on record, the French weather service said on Tuesday, after an exceptional early heat wave that also broke highs for the season in England and Wales. Meteo-France said the average nationwide temperature over March to May was 13.8°C — about 1.7°C above the norm, and surpassing records set in 2011 and 2020. “The warmest spring since records began in 1900,” it said in a bulletin. All three months were warmer than average, but the onset of an “unprecedented heatwave” late last month pushed the mercury to highs typically seen at the height of the summer. “Our country had never
A Sherpa guide was found crawling to base camp on Mount Everest a week after he went missing and was reunited with his family, who had given up hope he would return. Dawa Sherpa was last seen on Friday last week descending the mountain, but he did not reach base camp even though his client did. The pair were among the last climbers on the mountain as the climbing season came to an end and the route was dismantled. Dawa was located by a cleaning crew on Thursday morning as he was crawling down the snowy slopes around the Khumbu Icefall, just above
Chinese authorities are snuffing out any remembrance of the deadly 1989 military crackdown on student-led pro-democracy protests in Tiananmen Square, which happened 37 years ago yesterday, in a further tightening of a years-long campaign to erase what happened from public memory. Police told relatives of the victims they would not be allowed to visit a cemetery in Beijing on the anniversary of the crackdown, a person with knowledge of the matter said. Relatives of the victims visited the cemetery on the anniversary for more than 30 years to read memorial statements with police keeping watch, Amnesty International said. Hundreds of people,
RSS