Wow. It’s out. It’s finally, finally out.
So there’s a bug in DNS, the name-to-address mapping system at the core of most Internet services. DNS goes bad, every website goes bad, and every email goes…somewhere. Not where it was supposed to. You may have heard about this — the Wall Street Journal, the BBC, and some particularly important people are reporting on what’s been going on. Specifically:
1) It’s a bug in many platforms
2) It’s the exact same bug in many platforms (design bugs, they are a pain)
3) After an enormous and secret effort, we’ve got fixes for all major platforms, all out on the same day.
4) This has not happened before. Everything is genuinely under control.
I’m pretty proud of what we accomplished here. We got Windows. We got Cisco IOS. We got Nominum. We got BIND 9, and when we couldn’t get BIND 8, we got Yahoo, the biggest BIND 8 deployment we knew of, to publicly commit to abandoning it entirely.
It was a good day.
CERT has details up, and there’s a full-on interview between myself and Rich Mogull up on Securosis. For the non-geeks in the audience, you might want to tune out here, but this is my personal blog and I do have some stuff to mention to the crew.