← Back to context Comment by gzread 11 hours ago It will change as soon as one of them gets meaningfully DNS hijacked. 7 comments gzread Reply tptacek 8 hours ago Zones get meaningfully hijacked all the time. It just doesn't happen through cache poisoning; it happens through phished registrar accounts. indolering 5 hours ago Phishing existing isn't a good argument against cryptographically authenticating DNS records. tptacek 5 hours ago "Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is. 4 replies →
tptacek 8 hours ago Zones get meaningfully hijacked all the time. It just doesn't happen through cache poisoning; it happens through phished registrar accounts. indolering 5 hours ago Phishing existing isn't a good argument against cryptographically authenticating DNS records. tptacek 5 hours ago "Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is. 4 replies →
indolering 5 hours ago Phishing existing isn't a good argument against cryptographically authenticating DNS records. tptacek 5 hours ago "Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is. 4 replies →
tptacek 5 hours ago "Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is. 4 replies →
Zones get meaningfully hijacked all the time. It just doesn't happen through cache poisoning; it happens through phished registrar accounts.
Phishing existing isn't a good argument against cryptographically authenticating DNS records.
"Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is.
4 replies →