Warns the IOActive specialist who discovered the bug

Aug 7, 2008 12:34 GMT
Email security is threatened by a DNS flaw that allows hackers to intercept messages

Dan Kaminsky is the IOActive specialist whose speech was the most anticipated at this year's Black Hat hacker conference held in Las Vegas. This was because, one month ago, Kaminsky announced that he had discovered a DNS flaw that employed completely new methods to steal data and affect users' connections. When those who were too curious or too impatient tried to find out what it was all about, including through hack attempts, Kaminsky asked for more time and promised he would unveil everything at the Las Vegas conference.

Yesterday, in a speech held in front of a very large audience, Kaminsky did indeed offer some details on the Internet flaw, which brings some risks that users have never been exposed to before. One of these is the possibility that people are redirected to unsolicited websites, despite typing in the right URL. Users cannot control where they end up, because the packets with bad information are attached directly to the data flow that goes back and forth through the DNS servers. Hackers can use this weakness in the DNS server to redirect users to advertising websites enabled with automatic clicking. The illicit activity lines the criminals' pockets, while depriving users of control over their online activity.

The Associated Press reports that Kaminsky also described another threat to users' online security, caused by the same bug. Email messages can be intercepted by hackers and redirected to their own servers. This is because email routing involves an MX record request, and this type of record is also DNS based. As the researcher said, access to email account information can give the hackers even more leverage. One advantage is that they can get the passwords for all the websites the attacked user ever subscribes to, since it is well known that people can ask for password retrieval using their email.

Major companies have already applied patches to their servers, but Kaminsky warned at the conference and on his blog that people could not protect themselves, as the firewall proved to be ineffective against the bug. "There are enough variants of the bug that we needed a stopgap before working on something more complete," he said.