Chris Skinner's blog

Shaping the future of finance

Internet hole worse than everyone thought

Chris Skinner Author Avatar

Following on from

Dan Kaminsky spoke at the Black Hat Conference
today and said that the hole he had found in the interent had been worse than
feared, saying that "every network is at risk."

The vulnerability is
based upon the fact that DNS (Domain Name System) addresses are generated when
you enter a website name. The website name you enter is converted into a number
that queries the DNS system to find the website. With each query, a random
transaction number is also generated, so that when the website claiming to be
the right one responds, it also sends back the random number. In this way, the
internet is meant to ensure that your queries are matched by the right domain

However, there are a limited number of possible random
transaction numbers. 65,536 to be exact. Therefore, if you flood the DNS server
with request for a domain name, you can generate a good chance of reproducing
the correct number back. In other words, you have a 1 in 65,536 chance if you
make one request, but send in a thousand requests and you have a 1 in 65 chance
of getting the correct random number.

For a detailed technical explanation, the Linux Journal provides a pretty good overview and I
took particular note in their description of this line at the end: "Dan Kaminsky
has said that he was able to exploit systems in less than 10 seconds. That means
Dan can control your bank account, your email, your ebay account, or anything
else you do online, in a matter of seconds. And you didn't even have to do

Luckily Dan has been working with most firms to overcome this
issue before it became public domain, although he did say that 15% of Fortune
500 companies have done nothing and a further 15% are yet to do something.

Much more depth on what Dan Kaminsky has been
saying can be found at amongst others.

Chris Skinner Author Avatar

Chris M Skinner

Chris Skinner is best known as an independent commentator on the financial markets through his blog,, as author of the bestselling book Digital Bank, and Chair of the European networking forum the Financial Services Club. He has been voted one of the most influential people in banking by The Financial Brand (as well as one of the best blogs), a FinTech Titan (Next Bank), one of the Fintech Leaders you need to follow (City AM, Deluxe and Jax Finance), as well as one of the Top 40 most influential people in financial technology by the Wall Street Journal's Financial News. To learn more click here...

Digital Transformation Programme

Learn directly from from one of the most influential people in technology, gain insights from the world's most innovative companies, and build a global network.

Top 50 Global Thought Leaders and Influencers on FinTech 2022

Chris Skinner
Commentator, CEO of The Finanser and best-selling author at The Finanser

Thinkers360 Thought Leader

Contact Me

Best Financial Services Blogger

Chris’s latest book

Chris Skinner’s ‘Digital For Good’ Book Launch Event – CFTE

Global Awards

Best CEO of the Year UK 2022

Best Digital Finance Provider of the Year UK 2022

Best Financial Markets Adviser of the Year UK 2022

Portal to the Knowledge Base of the Financial Services Club UK 2022

Financial Markets Advisor of the Year UK 2022

Corporate America Today Annual Awards

Best Financial Markets Adviser of the Year UK 2022

Portal to the Knowledge Base of the Financial Services Club UK 2022

Financial Markets Advisor of the Year UK 2022

Nominee of MAD33 2021

Kids creating the future bank | TEDxAthens

Join me on Linkedin

Follow Me on Twitter!

UK’s most influential person in technology

Captain Cake and the Candy Crew

Captain Cake Winner of a Golden Mom’s Choice Award


TheNextWeb – #tnw

Learn more about Chris

About Chris Skinner

Presentation at ZBP, September 2020, Warsaw, Poland

Alex at the Financial Services

Gaping Void's Hugh MacLeod worked with the Finanser