The much debated DNS flaw that was discovered by internet security expert, Dan Kaminsky, has been fixed secretly.
Large scale research on the DNS flaw, that is already known to have got all internet security agencies on its toes finally paid off, as a patch for the flaw has been released.
The security flaw was discovered by Dan Kaminsky earlier in 2008 but it wasn’t made public until the patch was made.
The major problem was that the flaw was in the DNS system, which forms the very heart of data traffic, online, and this flaw was something that was not limited to a product of a company but was to affect all internet users worldwide.
The flaw allows for DNS cache poisoning through which a hacker can place forged DNS data into the cache of the name server at any internet domain which can mislead a user to a wrong website.
A skilled hacker can acquire sensitive information from cache poisoning.
The flaw was such that almost all websites on the internet could have been affected had it not been found by the right person at the right time.
As a result all the work done to fix the flaw was made in secret.
In addition to providing the patches, the DNS is made random so that no hacker gets the chance to analyse the patch and figure out the flaw.
However, the only long term solution to such flaws is to use Name System Security Extensions which secures DNS information that is used on IP networks.