Internet upgraded to foil cyber crooks

Jul 29, 2010 by Glenn Chapman
The Internet has undergone a "critical" upgrade that promises to stop cyber criminals from using fake websites that dupe people into downloading viruses or revealing personal data.

The Internet has undergone a key upgrade that promises to stop cyber criminals from using fake websites that dupe people into downloading viruses or revealing personal data.

The agency in charge of managing Internet addresses teamed with online security services firm and the US Department of Commerce to give websites encrypted identification to prove they are legitimate.

"This is, by any measure, an historic development," ICANN chief executive Rod Beckstrom said while breaking the news at a premier Black Hat conference in Las Vegas on Wednesday.

"This security upgrade matters to everyone who uses a computer, and that means most of us."

The Domain Name System Security Extensions, referred to as DNSSEC, basically adds a secret, identifying code to each website address.

The domain name system is where the world's Internet addresses are registered and plays a key role in enabling computers around the world to speak with one another online.

Applications commonly used on the Internet can be tailored to essentially check the ID of a website to make certain it is what it claims to be, according to Dan Kaminsky, a hacker turned computer security specialist.

For example, web browser software such as or Bing could be adapted to tell whether a bank log-in page is authentic.

"When a user receives an email from a bank they should know it came from a bank," Kaminsky said. "This is something we needed as engineers to make this a reality."

A frightening structural flaw in the foundation of the Internet revealed by Kaminsky at Black Hat here two years earlier led to the "biggest structural" upgrade to Web in decades, according to Beckstrom.

"I can't say I really knew what I was getting into when I broke that whole DNS thing," Kaminsky quipped as he took part in a press conference announcing the Internet improvement.

Kaminsky is chief scientist at New York start-up Recursion Ventures and worked with and VeriSign on the the Internet upgrade.

Internet engineers have been toiling on DNSSEC for 18 years, but technical and political obstacles stalled progress, Internet Engineering Task Force chairman Russ Housely said in a video call from a meeting of the group in the Netherlands.

"It can be thought of as tamper-proof packaging for the domain name structure," Housely said.

"The whole Internet engineering community is excited by this development."

He added that IETF members at the meeting toasted the announcement with champagne which "I assure you is not a common occurrence at a gathering of engineers."

It will take time for Internet firms to take advantage of DNSSEC and for it to be applied to local domains in every country, according to Kaminsky.

"We are on Day One of a multi-year journey," Kaminsky said.

DNSSEC strips of being able to do attacks that involve manipulating code to redirect people from legitimate websites to fake pages rigged with malicious code or asking for passwords and other valuable data.

"This provides a high level of protection with minimal disruption," said VeriSign chief executive Mark McLaughlin.

"It is not a panacea for everything, but it is a good start."

Explore further: Lions Gate partners with online outfit RocketJump

add to favorites email to friend print save as pdf

Related Stories

Dotcom celebrates 25th birthday

Mar 16, 2010

Recognize Symbolics.com? Probably not. But 25 years ago this week the Massachusetts computer maker played a bit role in history -- it was the first company to register a .com address on what would eventually ...

Web boss sees risk of multiple internets

Jan 28, 2010

Clandestine efforts by some countries to create alternative versions of the Internet for political ends could put the Web at risk, the man responsible for organizing the network told AFP Wednesday.

Domain registry on the rise

Apr 27, 2006

Internet domain names may become as ubiquitous as Social Security numbers one day, according to Dotster Inc.

Recommended for you

Instagram photo-sharing service goes down

Apr 12, 2014

Popular photo-sharing site Instagram was not working Saturday, as frustrated users quickly turned to social network Twitter and other web sites to share their complaints.

Authors Guild asks US court to rule against Google

Apr 11, 2014

The Authors Guild says that Google Inc. is stealing business from retailers and has asked a New York federal appeals court to find that the Internet giant is violating copyright laws with its massive book digitization project.

User comments : 0

More news stories

Intel reports lower 1Q net income, higher revenue

Intel's earnings fell in the first three months of the year amid a continued slump in the worldwide PC market, but revenue grew slightly because of solid demand for tablet processors and its data center services.

Low Vitamin D may not be a culprit in menopause symptoms

A new study from the Women's Health Initiative (WHI) shows no significant connection between vitamin D levels and menopause symptoms. The study was published online today in Menopause, the journal of The North American Menopa ...

Astronomers: 'Tilt-a-worlds' could harbor life

A fluctuating tilt in a planet's orbit does not preclude the possibility of life, according to new research by astronomers at the University of Washington, Utah's Weber State University and NASA. In fact, ...