Replies

But the old timers lost their influence.

It's an interesting point. In the old days a large telecom company might run a major DNS server. But in reality it was a geek inside the company who set it up. There is zero profit in running DNS. It was the same with Usenet (predecessor to WWW). All the geeks running these servers had gentlemans agreements with all others. Many were at universities with the purpose of learning, collaborating, expanding the reach of the early internet, and not making any profit.

Now with the rise of profit those old timers have lost their influence like you say. There are still 13 root servers run by aging geeks at various US origin institutions. Here is Verisign's server: http://j.root-servers.org Verisign also operates "a". Here is "b" at USC: https://b.root-servers.org

These root servers are pretty much still not for profit, but click through "b" screens above and see things like "B-Root commits to respond to all productive DNS traffic. We filter out traffic we identify as non-productive or harmful as part of promoting good Internet operational practice, consistent with RSSAC-001 Root Service Expectations."

"B" is still a good internet overlord. Verisign went over to the dark side around 2000 or so, but they still can't make extra money mucking up their root servers. Also a mucked up server would affect their revenue in co-maintaining their TLDs so they would not go along with it.

As for your idea of cyberwar by DNS (other than the age-old denial of service attacks), I'll have to think some more about it. It would undoubtedly be in conjunction with "real" attacks. For example the mucked up DNS would redirect nearly everyone to sites disseminating trojans. Those would look and behave exactly like the real sites because our browsers always assume the DNS is honest.

OTOH, cyberwars work best by slow and stealthy infiltration. Mucking up the DNS is the opposite of that.