Weblog entry #14 for glanz
See all weblog entries made by glanz.
"This is the U.S. government stepping forward and showing leadership," Douglas Maughan, an official with the Department of Homeland Security's Science and Technology Directorate, told United Press International."
MORE @ >=---> http://www.spacewar.com/reports/Owning_The_Keys_To_The_Internet_999.html
You got that folks? The most fascist government organization in the world will now control your last freedom. Aren't the wonderful Americans just too kind to look after us like that. Now let's all kneel down and pray to Bush's God:
"Our Money who art in war
Hallowed be thy profit.
The will of right wing pigs be done
in American pockets as it is in heaven."
Comments on this Entry
It should go as smoothly as the "war against the evil ones"....
[ Parent | Reply to this comment ]
Oh, yeah, War Against Tourism. Gosh, you wouldn't believe the length of queues and the multiple indignities you have to face to fly these days if you are guilty of being brown.
PJ
[ Parent | Reply to this comment ]
DNS can be spoofed, it is also vulnerable to man in the middle attacks.
DNSSec deals with these problems.
The US government already controls the root zone on the Internet, all this proposal would do would ensure that the data you get back, is the data that was published, and not something injected by an untrustworthy third party.
The freedom you lose is the freedom to impersonate others as easily, which is already illegal in most countries anyway.
I too expect it will be as successful as IPv6 but this is a technical security measure, not some draconian invasion of some imagined freedom.
[ Parent | Reply to this comment ]
And as far as your "untrustworthy third party" goes, the most untrustworthy party mentioned here is the US Government and it's department of FATHERland Security, second only to the surveillance society in which you live.
[ Parent | Reply to this comment ]
[ Send Message | View dkg's Scratchpad | View Weblogs ]
I do not trust the fascist US government to control anything, including the root zone.I have similar reservations, but i'm not sure what to do about it. How do you act on this distrust? Do you use alternate root servers? Do you have some other means of mapping names to the various information stored by DNS (IP addresses (A RRs), preferred mail exchangers (MX RRs), service providers (SRV RRs), etc)?
Do you run any DNS servers yourself, whether for a LAN or publicly on the 'net? If so, how do you cope with the inherent spoofability of the nameservice you offer? Have you investigated how DNSSEC might minimize those risks?
DNSSEC also had technical shortcomings with regard to replay attacks, wildcarding, zone enumeration, and NXDOMAIN responses, if my admittedly poor memory serves. Of course, regular DNS is subject to similar (and much worse) security concerns. Are there alternative architectures that you think are worth investigating?
[ Parent | Reply to this comment ]
quote: Comme vous êtes l'un des bons amis de Ralph, je vous annonce qu'il est mort subitement samedi le 21 avril vers 10 a.m. d'un arret cardiaque.
quote: As you are one of the good friends of Ralph, I announce to you that he died suddenly Saturday on April 21 towards 10 a.m. of a heart failure.
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]