Security issues made the news again this last month with the case of a company a few months ago who grants secure certificates having gotten hacked. This led to the hackers being able to impersonate very effectively those companies whose secure certificates they stole.
Initially the company only divulged a few had been compromised. Now we find out it was over 500 hundred, including dozens of high-profile companies such as Google, Microsoft and Yahoo.
This breach occurred in June; they didn’t discover it until July and the company (Diginotar) failed to disclose the breach until August.
How did this happen to a security company? They had weak passwords, no antivirus protection and were generally lame. While they’re now out of business and the secure certificates the hackers created are now revoked, the damage is already done.
The reason this approach is even possible is due to the origins of the Internet—where originally the population of users was so small that everyone knew everyone else using it. Literally. As a result, those developing the initial protocols didn’t need security built in and at most it was an afterthought. This includes the DNS protocol which is what your computer uses to find out where websites/email/etc. are located. Adding security to the DNS protocol would stop many of these types of exploits. Secure versions of DNS are available. But until it is mandated, it won’t happen.
Our provider needs to switch us over to a new block of IP addresses. Currently we use 184.108.40.206-220.127.116.11; our new block will be 18.104.22.168-22.214.171.124. We are waiting on them to complete a configuration task. The only clients that need to pay attention to this are those who run their own DNS servers for their domains. For those who use us, the change will be transparent.
On a personal note, this last weekend saw the culmination of a 7 year goal of mine. When we moved to Arizona and built a home in 2004, several of the things in the house were intentionally left unfinished. Including cabinets for my woodworking shop. For various reasons these never were started. This last weekend I spent assembling and installing cabinets I got from www.cabparts.com. They have a computerized cutting system that creates extremely precise cabinet parts at a very reasonable cost. It was a pleasure assembling their cabinets. Everything just fit and was square the first time. Could I have made the cabinets? Certainly. Not to the precision they hold. And certainly not for the cost, especially factoring in my time. They also do kitchen and closet cabinets. Outstanding company.
We will be closed on Thanksgiving and the Friday following it but will respond to voicemail.