On Sat, 28 Sep 2002, uberhacker wrote: > Much like DNS poisoning in the current world, I foresee a similar tactic > being used by hackers if such a system were to be put into place. >
Hackers will always be up to something regardless of the system used. Today we have the guys spamming with the hostile URL's, spoofing the sites, etc. DNS can actually be made quite secure, especially with the encryption and key signing schemes available now. > Add to that the fact that whoever was in charge of this scheme has the > potential to steal loads of money, since they would be able to trick > people into thinking they are spending to an account which they weren't. > With the exception of those DGCs who are either profitable havens for > criminal money, or who simply don't believe in policing their customer's > activities, the rest of the DGC community might not like the potential for > misuse inherent in such a system. > Again, this type of misuse isn't specific to and DNS based addressing system, nor does one give rise to one any more than the current market-maker systems which are exposed to the same risks and pitfalls anyway. You do ask the big question though, who would be "in charge" of the root DNS nodes? In the conventional world, its the US Government (doesn't that instill you with confidence in the system?). If there is some sort of "organization of DGC providers" that people actually had faith in and "worked" (I'm not sure if such a beast exists or is attempting to make a go of it), then that would be the logical place to implement the root node of the system, with the various DGC providers picking up the extended nodes with a series of checksums and signatures which would then detect if any other node had been poisoned or not. I hate to mention the "P-word" here (Paypal) but in a loose sense they are already doing this by allowing one to route funds based on email address rather than numbers. -mark > I'd be interested to hear counter-arguments. I think this is an > interesting topic for an otherwise uneventful Saturday. > > BRYAN > > --- > You are currently subscribed to e-gold-list as: [EMAIL PROTECTED] > To unsubscribe send a blank email to [EMAIL PROTECTED] > > Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) >via the web and shopping cart interfaces to help thwart keystroke loggers and common >viruses. > -- Quality aftermarket domains at http://www.eliteNIC.com 20% off when remitting via e-gold --- You are currently subscribed to e-gold-list as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
