A Deep Dive on the Recent Widespread DNS Hijacking

Bill Woodcock woody at pch.net
Mon Feb 25 05:34:42 UTC 2019

> On Feb 24, 2019, at 5:51 PM, Keith Medcalf <kmedcalf at dessus.com> wrote:
> That they also "forgot" to disable DNSSEC on PCH is not particularly relevant.  It only goes to prove my point that DNSSEC is irrelevant and only gives a false sense of security (for this particular attack vector).

For those watching from the sidelines, This guy is perfectly encapsulating one of the arguments that seem to pop up in the wake of attacks: “What actually happened is irrelevant, because I can imagine other things that could hypothetically have happened, but didn’t, which would have reinforced my view of the world.”

I can’t say that I understand the psychology behind people thinking this way, but as we’re choosing to be transparent about our experience for the benefit of others, I thought I’d highlight this particular quirk, as Mr. Medcalf is far from alone (not about DNSSEC specifically, but apparently attacks bring people with all manner of chips on their shoulders out of the woodwork).  It’s a particularly self-defeating logical fallacy, so being aware of it is the first step to recognizing it and avoiding it.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190224/d53563a5/attachment.sig>

More information about the NANOG mailing list