← Back to context Comment by gzread 9 hours ago It will change as soon as one of them gets meaningfully DNS hijacked. 7 comments gzread Reply tptacek 6 hours ago Zones get meaningfully hijacked all the time. It just doesn't happen through cache poisoning; it happens through phished registrar accounts. indolering 3 hours ago Phishing existing isn't a good argument against cryptographically authenticating DNS records. tptacek 3 hours ago "Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is. 4 replies →
tptacek 6 hours ago Zones get meaningfully hijacked all the time. It just doesn't happen through cache poisoning; it happens through phished registrar accounts. indolering 3 hours ago Phishing existing isn't a good argument against cryptographically authenticating DNS records. tptacek 3 hours ago "Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is. 4 replies →
indolering 3 hours ago Phishing existing isn't a good argument against cryptographically authenticating DNS records. tptacek 3 hours ago "Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is. 4 replies →
tptacek 3 hours ago "Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is. 4 replies →
Zones get meaningfully hijacked all the time. It just doesn't happen through cache poisoning; it happens through phished registrar accounts.
Phishing existing isn't a good argument against cryptographically authenticating DNS records.
"Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is.
4 replies →