Are Wildcards another Y2K?

Kevin Loch kloch at gurunet.net
Sun Sep 21 17:17:14 UTC 2003


One thing that Y2K taught us was that programmers
do some really stupid things with hard coded "this
should never occur naturally" values.  The year
'99' was used to trigger all kinds of interesting
things like erasing backup tapes, destroying inventory
and worse.  It is not implausible that someone has
hard coded an "asdfjlkl.com" type domain somewhere
important.  The effects of such errors are not always
immediately visible as they were with the spam filters.

The problem is that the COM zone is part of the largest
legacy software system the world has ever seen.  Configuration
changes to it affect virtually every application that uses
DNS.  How many lines of code is that?  Hundreds of millions?
Billions?  Any configuration change to the legacy zones
should be made only after careful consideration, with a strong
prejudice to do nothing.

Because V$ is downplaying the seriousness of this problem,
many (most) won't audit their systems to see how they might be
affected by this.  I hope V$ is prepared to take responsibility
for whatever breaks.

I hope DOD/FBI/DHS aren't expecting a stable COM zone.  I guess
we'll find out the next time a terrorist buys a plane ticket
or 1000 lbs of fertilizer using a bogus email address.

KL



