SoylentNews is people
SoylentNews
ICANN Urges Adopting DNSSEC Now:
Continuing attacks on directory name services have prompted ICANN to prompt enterprise DNS uses to push their suppliers for DNSSEC services to block some of these attacks that can compromise corporate data.
Powerful malicious actors continue to be a substantial risk to key parts of the Internet and its Domain Name System security infrastructure, so much so that The Internet Corporation for Assigned Names and Numbers is calling for an intensified community effort to install stronger DNS security technology.
Specifically ICANN is calling for full deployment of the Domain Name System Security Extensions (DNSSEC) across all unsecured domain names. DNS, often called the internet’s phonebook, is part of the global internet infrastructure that translates between common language domain names and IP addresses that computers need to access websites or send emails. DNSSEC adds a layer of security on top of DNS.
[...]Full deployment of DNSSEC ensures end users are connecting to the actual web site or other service corresponding to a particular domain name, ICANN says “Although this will not solve all the security problems of the Internet, it does protect a critical piece of it – the directory lookup – complementing other technologies such as SSL (https:) that protect the "conversation", and provide a platform for yet-to-be-developed security improvements,” ICANN says.
In a release calling for the increased use of DNSSEC technologies, ICANN noted that recent public reports show a pattern of multifaceted attacks utilizing different methodologies.
“Some of the attacks target the DNS, in which unauthorized changes to the delegation structure of domain names are made, replacing the addresses of intended servers with addresses of machines controlled by the attackers. This particular type of attack, which targets the DNS, only works when DNSSEC is not in use,” ICANN stated.
[...]ICANN offered a checklist of recommended security precautions that members of the domain-name industry, registries, registrars, resellers and related others shoudl[sic] take to protect their systems, their customers’ systems and information reachable via the DNS.
Make sure you know where you are going.
(Score: 0) by Anonymous Coward on Monday April 22 2019, @08:09AM (4 children)
That's government, and your boss that pays the bills, especially your boss who is in bed with the government, and no you can't do anything about it.
I foresee the internet broken up into country specific networks, with only the "Official" class and higher allowed access to networks across borders, even then, it will be tightly controlled and monitored.
(Score: 2) by MostCynical on Monday April 22 2019, @08:22AM (1 child)
Considering China's apparent sucess and the proposals for other "great firewalls" (UK, USA, Australia), I will not bet against your prognostications.
http://www.itpro.co.uk/security/27236/national-cyber-security-centre-to-fight-hackers-with-dns-filtering [itpro.co.uk]
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 3, Informative) by c0lo on Monday April 22 2019, @10:07PM
https://freedomhouse.org/report/freedom-net/freedom-net-2018/rise-digital-authoritarianism [freedomhouse.org]
https://freedomhouse.org/report/countries-net-freedom-2018 [freedomhouse.org] (smaller scores are better)
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Monday April 22 2019, @01:17PM
yet another testing for censorship is already ongoing on sri lanka
(Score: 0) by Anonymous Coward on Monday April 22 2019, @02:44PM
Maybe not in the west. It will just be expensive and low bandwidth, like the days of FidoNet.