Follow up to A bug in DNS

I wrote earlier about the serious bug found in most currently used DNS servers.

Dan Kaminsky’s asked for the details to be kept of the internet for thirty days to give software and hardware vendors time to issue updates for their products. Yesterday however, Halvar Flake speculated in a blog post and Matasano security quickly (apparently by accident) confirmed that his speculations were very close to the true problem and even explained what the real issue is.

The post by Matasano security was soon withdrawn but it can be read here and here.

Interesting to read. It reminds me of the good old days when I was studying at the university and spoofing messages to our local IRC server.