rc3.org

Strong opinions, weakly held

Tag: DNS

Cleaning up after DNS Changer malware

Paul Vixie (the guy who wrote the BIND DNS server) talks about his efforts to clean up the effects of the DNS Changer malware, which changes the DNS settings on infected computers (and sometimes on the routers they use). DNS Changer was, in essence, a black hat advertising network. If you paid them, they would alter the malware victims’ DNS lookups to redirect those victims to sites that promoted your products.

After the DNS Changer network was taken down, Vixie’s job was to come in and stand up replacement DNS servers to take the place of the bogus ones, so that victims of the malware didn’t suddenly lose the ability to perform DNS lookups. In the meantime, the working group is trying to remove the malware from hundreds of thousands of devices before the new DNS servers are taken down by court order on June 9.

Interesting look at a tough problem.

Any Web site with a US TLD is now in US jurisdiction

EasyDNS has a chilling post on VeriSign taking down a Canadian Web site in order to service a warrant from the state of Maryland:

We all know that with some US-based Registrars (cough Godaddy cough), all it takes is a badge out of a box of crackerjacks and you have the authority to fax in a takedown request which has a good shot at being honoured. We also know that with some non-US registrars, it takes a lot more “due process-iness” to get a domain taken down.

But now, none of that matters, because in this case the State of Maryland simply issued a warrant to .com operator Verisign (who is headquartered in California), who then duly updated the rootzone for .com with two new NS records for bodog.com which now redirect the domain to the takedown page.

The implications are chilling. So now if you use a TLD that is under the control of a US company, your Web site is in US jurisdiction.

© 2024 rc3.org
