Remember the news stories a few months ago about the flaw in DNS that was discovered by Dan Kaminsky? This article from MIT’s Technology Review magazine explains the discovery and the decisions taken to patch and explain the vulnerability in an article that is a good overview of what happened.
Dan Kaminsky, uncharacteristically, was not looking for bugs earlier this year when he happened upon a flaw at the core of the Internet. The security researcher was using his knowledge of Internet infrastructure to come up with a better way to stream videos to users. Kaminsky’s expertise is in the Internet’s domain name system (DNS), the protocol responsible for matching websites’ URLs with the numeric addresses of the servers that host them. The same content can be hosted by multiple servers with several addresses, and Kaminsky thought he had a great trick for directing users to the servers best able to handle their requests at any given moment.
The rest of the article is here.