When I first started Skewed, I mentioned in the backstory how, in the midst of the initial infection, the internet was quickly destroyed. I brought this up again later with the member of Japan's Ministry of Information, describing it as about 95% destruction, but never actually went into the details of what exactly happened, because of one particular problem: finding a way that it could happen.
There are many different web servers used to host the internet. The major two are the Apache Group's Apache HTTP Server and Microsoft's Internet Information Services. Even together, however, those two currently account for only approximately 84% of servers on the internet, with the remainder made up of other servers. Any one server-direct exploit could at most take out only half of the internet, and only if it was an undocumented vulnerability that all versions of that software were vulnerable to and no versions had any patches for, which was incredibly far-fetched. So as I was thinking about this again a few days ago, my thoughts went to a different sort of attack, one on another foundation of the internet: the DNS servers. Since the DNS servers translate all of the domain names into IP addresses for individual machines, an attack on the DNS could take out the internet without actually needing to take down specific servers. But there are several implementations of DNS servers too, so relying on a vulnerability in them would be just the same as attacking the web servers.
This all changed the day after I came to that idea, because it apparently was very possible. I read a news article about some secret meetings of the different DNS server creators about patches being simultaneously released for all DNS implementations. These patched a DNS poisoning vulnerability, which was apparently a flaw in the very design and implementation of the DNS protocol. It hadn't ever happened, because it was only discovered by one person, who contacted them and organized this all in private without disclosing any details of the vulnerability, and it is now something that there is little to worry about, because all major DNS implementors simultaneously released patches for it on the same day.
As a society we were lucky this time, because it was someone honorable who discovered it. If someone with malicious intentions had discovered it, they would have had on their hands a zero-day exploit that could have literally taken out the entire internet.
Date posted: 13 July, 2008 Tags: internet skewed software website_design