Darkreading has a report on the next big dns threat according to Paul Mockapetris. DNS corruption. When a user connects to his ISP, or to a Wifi port, certainly a free one.
He has absolutely no idea about the state of the DNS server.
So a user working off a public WiFi port, for example, is at the mercy of the DNS servers it uses, which "could easily be malicious,"
Indeed it might be hacked, it might be modified on purpose, pointing your browser to somesite totally different than you want to .. while you're not expecting it.
Anyway
[sdog@mine ~]$ cat /etc/resolv.conf
nameserver 127.0.0.1
