Cross-industry vendor alliance plugs DNS vulnerability

Last week, an alliance of software companies and network hardware vendors announced a series of updates designed to fix a DNS flaw first discovered by security analyst Dan Kaminsky. The flaw, which has not yet been described in detail, could have been used to poison domain name system (DNS) servers, including those of specific ISPs. For those of you who aren’t aware, DNS servers translate a written, standard web address (www.worldofwarcraft.com) into its corresponding IP address (12.129.242.22). Web browsers understand IP addresses just fine—69.157.76.15 will take you over to Yahoo, if you punch it in—but memorizing a long list of IP addresses isn’t the most convenient way to surf the tubes.