Security Hole in the Net
I guess it's good news that today's big security story isn't about human frailty, as so many security stories are.
People are going to fall for human-engineering tricks forever. At least "a potentially dangerous flaw in the basic plumbing of the Internet" can be fixed -- although the global effort to shore up the Domain Name System is no small job.
"I'm watching people patch, and I realize this is not an easy thing to do," said Dan Kaminsky, the consultant who uncovered the problem, to the New York Times.
That's why he's taking the matter public, even though doing so will alert a lot of bad guys to the problem. Makes sense to me, especially since the smart crooks probably don't wait for the NYT to get their ideas.