Monday, March 29, 2010

First Man-in-the-Middle Attack on a Root-Level DNS Server

The first ever man-in-the-middle attack just took place on a root-level DNS server, and of course, that would be in Beijing, China.

China had long been arguing that top-level DNS management must be de-centralized (to China, from the US) for various reasons. They got one, and they used one.

ISPs in the US and Chile noticed that when their customers tried to visit sites such as YouTube, Twitter or Facebook, they ended up at Chinese sites instead of the real ones. An investigation revealed that queries made to a root server in Beijing (one of 34 in the world) were intercepted and altered by the communist government's Great Firewall.

