Recently the IP address for one of the root nameservers has changed.
These IP addresses are hard-coded in configuration files deep in the servers of many ISPs, and are hardly ever updated.
Some smart, sneaky, probably malicious entity figured they would grab the OLD IP address of the nameserver, and set up an unauthorized nameserver of their own, thus capturing all hostnames requested by pretty much most people on the internet. And also having control over what these hostnames resolve to (so thus having the ability to redirect anyone to any malicious proxy or site, intercept any data they want, etc...)
Read all about it
So why do I post this in the developer corner section?
Things like this really make you reflect on security in your internet-enabled applications.
It should be assumed that any connection you make to a remote server can potentially be snooped upon.
Actually, a root DNS server being hijacked is a bit extreme, but it is a lot easier for your data to be compromised. It only takes one compromised network on the route between the two parties (or the network of one of the parties themselves), and a MITM (man in the middle) attack is possible.
With the vast amount of botnets and compromised drone computers out there these days, it becomes more and more likely that you stumble upon a compromised network, and potentially make your data available to unauthorized parties.
Very few applications still use encryption these days. Only the most sensitive information is encrypted usually.
But data that doesn't seem sensitive at first sight can still be harmful if combined with (lots) of other data. Identity thieves are especially crafty at that kind of thing.
One reason you don't see as many (https) encrypted websites on the web as you should is because of a limitation in the https protocol: only one https domain name per IP address is possible. (e.g., currently you can't have donationcoder.com and codycoins.com on the same IP, both using https). This is just one of many examples of how our current infrastructure is not built for the vast amount of threats that are present on the web these days.
So what are you doing to make your internet-enabled applications, web-applications, and websites ready for the remainder of the 21st century?
To conclude, a little scary quote from the article:
So the operators of such bogus name servers could operate for a very long time, providing correct answers or incorrect ones as they saw fit. They could log your requests to determine your interests and censor the ones they didn't like. In general, they could engage in all sorts of mischief, ranging from very targeted ("let's get this one individual or organization") to very wide-ranging ("let's blow away .com today").
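The stale hard-coded root server address described at the top of this post can be caught by comparing a resolver's local root hints file with a current copy obtained over a trusted channel. The following is an added example, not part of the original post or the linked article; the server names and addresses are constructed placeholders from documentation ranges, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data: placeholder names and documentation-range addresses,
# not real root server records.
LOCAL_HINTS = """\
; hints file shipped with a resolver years ago (constructed)
.                 3600000  NS    A.ROOT.EXAMPLE.
A.ROOT.EXAMPLE.   3600000  A     192.0.2.1
A.ROOT.EXAMPLE.   3600000  AAAA  2001:db8::1
B.ROOT.EXAMPLE.   3600000  A     198.51.100.12   ; since given up by the operator
"""
REFERENCE_HINTS = """\
; current hints obtained over a trusted channel (constructed)
A.ROOT.EXAMPLE.   3600000  A     192.0.2.1
A.ROOT.EXAMPLE.   3600000  AAAA  2001:DB8:0:0:0:0:0:1
B.ROOT.EXAMPLE.   3600000  A     203.0.113.42
"""


def parse_hints(text):
    """Return {(name, rrtype): set of addresses} for the A/AAAA records of a hints file."""
    records = {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 3 or fields[-2].upper() not in ("A", "AAAA"):
            continue  # blank lines, comment-only lines, NS records
        name, rrtype = fields[0].lower().rstrip("."), fields[-2].upper()
        # ip_address() normalises IPv6 spelling and raises ValueError on a malformed address
        records.setdefault((name, rrtype), set()).add(ipaddress.ip_address(fields[-1]))
    return records


def stale_entries(local_text, reference_text):
    """List (name, rrtype, local address, expected addresses) for every mismatch."""
    local, reference = parse_hints(local_text), parse_hints(reference_text)
    findings = []
    for (name, rrtype), addrs in sorted(local.items()):
        expected = reference.get((name, rrtype), set())
        for addr in sorted(addrs - expected, key=str):
            findings.append((name, rrtype, str(addr), sorted(map(str, expected))))
    return findings


if __name__ == "__main__":
    for name, rrtype, addr, expected in stale_entries(LOCAL_HINTS, REFERENCE_HINTS):
        print(f"STALE {name} {rrtype} {addr} (reference lists {expected or 'no such record'})")
```

Any address the local file still lists but the reference does not is one that may now be answered by whoever holds it, so a finding here means the hints file should be replaced.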