Software Firm Rolls Out Security Hole Early-Warning System

The company that distributes the most ubiquitous breed of Internet
server software is launching an online forum that will alert paying
participants to potential security holes discovered in the software.

The Internet Software Consortium (ISC) - which develops and disseminates
the Berkeley Internet Name Domain, or "BIND" software - alerted its
customers last week to the creation of the BIND-Members Forum, according
to ISC officials.

ISC will charge an undisclosed membership fee for participation in the
forum. In exchange, it will give participants early warnings about
potential security flaws, according to an ISC statement on the new
program.

"In the interest of maintaining a stable Internet infrastructure, and in
accordance with its corporate charter, Internet Software Consortium Inc.
is creating a secure forum for the rapid exchange of both information and
software patches for BIND, in the event of any future software or
protocol compromise," ISC Chairman Paul Vixie said in an e-mail message
today.

Vixie did not say whether ISC had created the forum in response to the
recent discovery of a security hole in two of the most popular versions
of BIND.

The flaw - which exists in BIND 4 and BIND 8 - could expose more than 80
percent of the world's Web sites to debilitating hacker attacks if network
administrators don't move quickly to replace the flawed versions, security
experts said last week when the flaw was announced.

Originally identified as an exploitable threat by Network Associates'
COVERT Labs more than a month ago, the problem was kept largely under
wraps until the ISC could make a fix widely available. That fix can be
downloaded from http://www.isc.org.

Regardless of the impetus behind the BIND forum, ISC has drawn some flak
from members of the Internet community who are concerned with the plan to
charge money for forum participation.

The ISC responded to those concerns in a written statement, contending
that all fees collected would go to support the consortium's
not-for-profit software development mission.

Details of the BIND security hole can be found on CERT's Web site at
http://www.cert.org/advisories/CA-2001-02.html.

© 1998-2024 BetaNews, Inc. All Rights Reserved.