“We need DNSSEC” is shouted from Black Hat DC
I attended my first Black Hat Conference this week in Washington DC.
The conference consists of a wide array of security briefings that all encompass Black Hat’s core values: serving the information security community by delivering timely, actionable security information in a friendly, vendor-neutral environment. I have to admit, the Black Hat Team sure works hard to ensure they stay true to their core values. The information shared was fresh and relevant and I’ve never met such a friendly and welcoming group of people.
.ORG hosted a cocktail party on Tuesday night so we could mix and mingle with our new found security friends. We had a great turnout and there was plenty of successful networking with great food! Our CEO, Alexa Raad thanked the crowd for their participation and support as the .ORG Registry becomes more acquainted with the World of Internet Security. “In order for us to work towards protecting the Internet in a domain name registry, we are taking steps to learn about cybercrime from your perspective,” said Alexa, and I couldn’t agree more. Security is very essential to us in our role as the operator of the .ORG Top-Level Domain, so it is important to us to be involved. The lack of security of the DNS is clearly an issue, and .ORG feels the need to be present and meet the players in the security community.
I, of course was very eager to listen to another security briefing by legendary DNS Researcher, Dan Kaminsky. Dan was definitely in his element at Black Hat! His presentation was enthusiastic as expected and the audience was captivated. DNS was in the limelight in many presentations as the only successfully federated database on the Internet today. The audience was also reminded just how incredible DNS is and how many applications are built on top of DNS. But then the bomb drops - DNS is not secure! “DNS is the common cause of security issues, and our inability to scalably fix them. Therefore, we need DNSSEC.”
I am proud to say .ORG is listening and responding to the needs of Internet Security by the implementation of DNSSEC. We are thrilled to be the first gTLD to implement DNSSEC and work towards a more safe and secure Internet. I was pleased with the 2009 Black Hat Briefing in Washington DC. The .ORG team is already looking forward to the next Black Hat event July 25-30, Caesars Palace Las Vegas, NV.