security

May 28 2008

OpenID

I'm getting second thoughts about OpenID.

Here's why.

Feb 25 2008

Do you trust your current DNS server ?

Darkreading has a report on the next big dns threat according to Paul Mockapetris. DNS corruption. When a user connects to his ISP, or to a Wifi port, certainly a free one.
He has absolutely no idea about the state of the DNS server.

So a user working off a public WiFi port, for example, is at the mercy of the DNS servers it uses, which "could easily be malicious,"

Indeed it might be hacked, it might be modified on purpose, pointing your browser to somesite totally different than you want to .. while you're not expecting it.

Anyway

  1. [sdog@mine ~]$ cat /etc/resolv.conf
  2. nameserver 127.0.0.1