Security Researcher Kaminsky Pushes DNS Patching

BobB-nw writes "Dan Kaminsky, who for years was ambivalent about securing DNS, has become an ardent supporter of DNS Security Extensions. Speaking at the Black Hat DC 2009 conference Thursday, the prominent security researcher told the audience that the lack of DNS security not only makes the Internet vulnerable, but is also crippling the scalability of important security technologies. 'DNS is pretty much our only way to scale systems across organizational boundaries, and because it is insecure it's infecting everything else that uses' DNS, the fundamental Internet protocol that provides an IP address for a given domain name, said Kaminsky, director of penetration testing at IOActive. 'The only group that has actually avoided DNS because it's insecure are security technologies, and therefore those technologies aren't scaling.'"

Job title

[psnyder]

I'd love to have the title "Director of Penetration Testing", but can only think of 2 types of jobs where the title is appropriate. And I don't have the stamina for either.

Re:One trick pony

[gavron]

Try this link:

http://www.google.com/ [google.com]

Re:Job title

[pushing-robot]

Bombardier?

Re:Bad Article, Bad Summary

[SIR_Taco]

mmmmmmmmmmmmmmmm... unfortunate salad

Re:Who is Dan Kaminsky

[ascari]

It's a DNS error: Mark Russinovich and Dan Kaminsky resolve to the same person.

Re:Who is Dan Kaminsky

[mewsenews]

His picture is available online, and he looks like a regular decent guy, for whatever that's worth.

Sorry, he's not attractive enough for me to consider him a network security expert (what the hell???)

Re:Job title

[Anonymous Coward]

-1 Tasteless

says someone who chose the handle Penguinshit