{"id":1450,"date":"2013-03-21T10:44:04","date_gmt":"2013-03-21T14:44:04","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=1450"},"modified":"2013-03-21T10:44:04","modified_gmt":"2013-03-21T14:44:04","slug":"google-enhances-security-for-your-website-look-ups","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2013\/03\/21\/google-enhances-security-for-your-website-look-ups\/","title":{"rendered":"Google enhances security for your website look-ups"},"content":{"rendered":"

Google has fully implemented a security feature that ensures a person looking up a website isn’t inadvertently directed to a fake one.
\nThe Internet company has run its own free public Domain Name System (DNS) lookup service, called Public DNS, since 2009. DNS lookups are required to translate a domain name, such as www.idg.com, into an IP address that can be called into a browser.
\nBut DNS systems can be tampered with by hackers. In an attack called “cache poisoning,” a DNS server is hacked and modified so that a user looking for www.idg.com is directed to a different website.
\nISPs and other network operators have been slowly implementing DNS Security Extensions (DNSSEC), which use public key cryptography to digitally “sign” the DNS records for websites.
\nDNSSEC requires a fair amount of work to implement. Domain owners have to ensure their sites are digitally signed. About one-third of top-level domains are signed, but most second-level domains are not, according to Google. ISPs and other network providers must also configure their systems.
\nGoogle now checking
\nGoogle said it is now checking the digital signatures on DNSSEC-formatted messages, an important step in ensuring correct DNS queries.
\n“Previously, we accepted and forwarded DNSSEC-formatted messages but did not perform validation,” wrote Yunhong Gu, team lead for Google Public DNS. “With this new security feature, we can better protect people from DNS-based attacks and make DNS more secure overall by identifying and rejecting invalid responses from DNSSEC-protected domains.”
\nGoogle’s technical pages on DNSSEC state that if it cannot validate a domain, it will return an error response. But if a very popular domain is failing to validate, it may exclude the site from its blacklist until the problem is fixed.
\nGoogle’s Public DNS answers more than 130 billion queries from more than 70 million IP addresses per day, Gu wrote. Only 7 percent of those queries request DNSSEC information, however.
\n“Overall, DNSSEC is still at an early stage, and we hope that our support will help expedite its deployment,” Gu wrote.
\nvia Google enhances security for your website look-ups | PCWorld<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Google has fully implemented a security feature that ensures a person looking up a website isn’t inadvertently directed to a […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[6,7],"tags":[424,1199],"class_list":["post-1450","post","type-post","status-publish","format-standard","hentry","category-networking","category-security","tag-google","tag-websites"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-no","jetpack-related-posts":[{"id":9330,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/04\/03\/security-now-657-protonmail\/","url_meta":{"origin":1450,"position":0},"title":"Security Now 657: ProtonMail","author":"NCCT","date":"April 3, 2018","format":false,"excerpt":"https:\/\/youtu.be\/OeSZg-ph3Ns This week we discuss \"DrupalGeddon2\", Cloudflare's new DNS offering, a reminder about GRC's DNS Benchmark, Microsoft's Meltdown meltdown, the persistent iOS QR Code flaw and its long-awaited v11.3 update, another VPN user IP leak, more bug bounty news, an ill-fated-seeming new eMail initiative, Free electricity, a policy change at\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/OeSZg-ph3Ns\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":7345,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/01\/07\/netflix-begins-blocking-users-who-bypass-region-locks\/","url_meta":{"origin":1450,"position":1},"title":"Netflix begins blocking users who bypass region locks","author":"NCCT","date":"January 7, 2015","format":false,"excerpt":"Netflix has begun blocking users' access to the service when it detects that a geolocation bypassing utility, such as a proxy or VPN, is being used. Although these blocks are currently limited in scope, it could be a precursor to a wider crackdown by the popular streaming service. Over the\u2026","rel":"","context":"In "Technology"","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9052,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/10\/24\/this-week-in-tech-585-i-cant-wait-till-2021\/","url_meta":{"origin":1450,"position":2},"title":"This Week in Tech 585: I Can’t Wait Till 2021","author":"NCCT","date":"October 24, 2016","format":false,"excerpt":"https:\/\/www.youtube.com\/watch?feature=player_detailpage&v=RVySXlkE5_U A massive botnet of IoT devices took down Dyne DNS, knocking several major US websites off line in a DDOS attack Friday. Hackers were able to break into John Podesta and Colin Powell's Gmail accounts via a simple phishing scheme. Both Microsoft and Apple will hold events next week\u2026","rel":"","context":"In "Technology"","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/RVySXlkE5_U\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9318,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/04\/01\/this-week-in-tech-660-bankwupt\/","url_meta":{"origin":1450,"position":3},"title":"This Week in Tech 660: Bankwupt","author":"NCCT","date":"April 1, 2018","format":false,"excerpt":"https:\/\/youtu.be\/swk768CkIus Best April Fools Tech Jokes. Cloudflare's 1.1.1.1 DNS service. Apple's Education Event. US wants visa applicants' social media accounts. Tim Cook talks privacy. Ready Player One review. SpaceX's satellite internet plans. Fatal Tesla crash.","rel":"","context":"In "Apple"","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/swk768CkIus\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":7480,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/01\/20\/nsa-secretly-hijacked-existing-malware-to-spy-on-n-korea-others\/","url_meta":{"origin":1450,"position":4},"title":"NSA secretly hijacked existing malware to spy on N. Korea, others","author":"NCCT","date":"January 20, 2015","format":false,"excerpt":"A new wave of documents from Edward Snowden's cache of National Security Agency data published by Der Spiegel demonstrates how the agency has used its network exploitation capabilities both to defend military networks from attack and to co-opt other organizations' hacks for intelligence collection and other purposes. In one case,\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/01\/grand-peoples-study-house-computer-lab-640x436.jpg?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/01\/grand-peoples-study-house-computer-lab-640x436.jpg?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/01\/grand-peoples-study-house-computer-lab-640x436.jpg?resize=525%2C300 1.5x"},"classes":[]},{"id":7150,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/17\/russian-malware-targets-wordpress-users-over-100000-sites-infected\/","url_meta":{"origin":1450,"position":5},"title":"Russian malware targets WordPress users, over 100,000 sites infected","author":"NCCT","date":"December 17, 2014","format":false,"excerpt":"Our blog was not affected...NCCT. A Russian malware dubbed SoakSoak has infected nearly 100,000 WordPress websites since Sunday, prompting Google to blacklist over 11,000 of those domains (the number is increasing), according to a report from cybersecurity firm Sucuri. The malware exploits a previously-known vulnerability in a WordPress plugin called\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1450","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=1450"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1450\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=1450"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=1450"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=1450"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}