As defined on Wikipedia:
* Jargon: Flag day is also a term used in discussing computer systems to denote a change which will require a complete restart or conversion of a sizable body of software or data. This usage of the term originates from an obscure such change in the Multics operating system’s definition, which was scheduled for the US’s Flag Day, June 14th, 1966.
* One such day is January 1 1983, the day when the ARPANET changed from NCP to the TCP/IP protocol suite.
A flaw has apparently been found in the DNS system that most of the Internet uses. (Secure DNS doesn’t have this problem, but it’s used by very few people.) It’s not just a problem with a particular implementation of DNS. It’s a problem that every single implementation apparently suffers from. It’s very very scary and just about every vendor has pushed out a fix ahead of the release of the details of the problem. I’ve spent some of today updating every single machine that I have have access to. You should do the same.
In addition it sounds like anyone with DNS behind NAT might be also in a very bad place. I have this little crappy verizon router that proxies my DNS (including redirecting me to an ad-based site whenever I mis-type a DNS address) – I wonder if it’s going to have the same problem? Is it something that Verizon can fix? I know that it won’t hand out DHCP Nameserver addresses for anything other than itself, so anything that trusts that data will be equally vulnerable. Scary thought, eh? How many people at home are going to be vulnerable?
This also helps to prove the point that software is no longer static. It can’t be. You can’t just deploy and forget about it. Software without service isn’t worth anything because we’re all connected and we’re all going to be vulnerable at some point.
Here’s a transcript of the video listed below. It’s worth reading.
