“D-Day for Internet” – The Indian Express
I turn a deaf ear to the Indian media hype, especially around topics of no interest to me say, politics. The recent hype around the ‘DNS Changer’ malware though is undeniably one of the biggest ‘face-palm’ moments of Indian media. I want to point out a couple of things to our concerned scribes who thought the Internet was going down.
First of all, the DNS Changer is not a virus but malware. I won’t waste precious bytes explaining what the difference is, but get a fucking dictionary and write accurate news.
Secondly, the numbers thrown around were highly inaccurate. An FBI report estimated that only about 200,000 computers (or modems) worldwide were infected by the malware while our media was quoting numbers ranging from 100,000 to 500,000.
Third and most importantly, the magnitude of the problem was blown out of proportions. Last I checked there were 120 million Internet users in India, and an estimated 20,000 computers (or modems) are affected. How is this Armageddon? Here’s an idea – get a fucking calculator and do the math. Only a tiny fraction of the users will be affected if at all. In all honesty, I don’t feel sorry for those users, they’re probably the ones still clicking on the ‘free iPad’ promos and think Bill Gates is going to wire them money every time they forward a fucking email about a nonexistent child in need.
If you’ve come this far, rest assured your PC or network is not infected. Now that I’ve adequately abused the media, let me get to some revelations I had this morning about how our ISPs are preparing to avert disaster:
My allegiance with Sify dates back to 2004, and the following statement from one of their Security Products guys is just a joke:
“We are following all security procedures and deployed security solutions such as anti-malware, anti-spam and others protection tools. Besides, we are monitoring 24×7 our networks for malware infections and DDoS but there are no reports for DNS Changer infecting our customers”
I’m sorry but what does DNS Changer have to do with Distributed Denial of Service, and how will any measure of security help if the customer’s DNS Resolver IP is altered? May I remind you that you are a Cable Internet provider and don’t have modems/routers to remotely manage at the customer’s premise?
And here’s a guy from Pacenet:
“To curb such threats we have incorporated DNS security into our DNS namespace design, reviewed the default DNS Server service security settings and applied Active Directory security features on the DNS Server service which is running on a domain controller”
DNS Security a.k.a DNSSEC guarantees the authenticity of the (authoritative) DNS Server but does not guarantee that the DNS Resolver is not acting maliciously. DNS Changer does exactly that – takes the spot of your DNS Resolver and acts maliciously by say forwarding you to a favorable website instead of the one you originally sought, to generate ad revenue. What the fuck have you guys been smoking?
Long story short – I’m drawing the following conclusions:
- Abu Jundal is now stale news, and the media wanted to ride this wave with inaccurate, bloated-fake-news.
- A majority of the Indian ISPs don’t know what the fuck they’re talking about.
- A bunch of Estonians cannot take the internet down!