thanks to several folks who let me know this was going on. i hadn't even noticed that i wasn't getting nanog@. thanks to seclists.org for hosting an archive i could use. --- From: bmanning () vacation karoshi com Date: Wed, 23 May 2012 05:40:16 +0000 On Tue, May 22, 2012 at 10:07:52PM -0700, Michael J Wise wrote: On May 22, 2012, at 9:10 PM, bmanning () vacation karoshi com wrote: On Tue, May 22, 2012 at 08:52:52PM -0700, Michael J Wise wrote: On May 22, 2012, at 8:35 PM, Randy Bush wrote: father of bind? that's news. <http://boingboing.net/2012/03/29/paul-vixies-firsthand-accoun.html> He was there, and Put The Fix In, to down the network. Certainly news to Phil Almquist and the entire BIND development team at UCB. Paul was at DECWRL and cut his teeth on pre-existing code. While he (and ISC) have since revised, gutted, tossed all the orginal code, rebuilt it twice - and others have done similar for their DNS software, based on the BIND code base, implementation assumptions, and with little or no ISC code, and they call it BIND as well, it would be a HUGE leap of faith to call Paul Vixie the father of BIND - The Berkeley Internet Naming Daemon. Methinks we're talking at cross purposes. maybe... :) my comment was refering to the "father of bind" statement. i don't describe myself that way. i inherited bind at 4.8.3 and fixed stuff. i rewrote a lot of it for 4.9. we (mostly me but with huge work by robert halley and mark andrews) rewrote most of it for bind 8.1. (there was no 8.0.) other people (not me) wrote bind 9.x. other people (mostly not the same people) are writing bind 10. if my wikipedia entry is wrong in this regard i invite folks to fix it. last i heard it's disallowed for people to edit their own entries, so i have not tried. i am not the father of anything, except four healthy kids. i do sometimes call myself "the wierd uncle of the internet" but "father of bind" is not what i mean. As for being there and "Put The Fix In"... Makes for great PR but in actual fact, its a bandaid that is not going to stem the tide. An actual fix would really need to change the nature of the creaky 1980's implementation artifacts that this community loves so well. I don't think we're talking about the same thing at all. Paul was there to shut down the DNS changer system and replace it with something that restored functionality to the infected machines. And I gather Paul will be one of the people who will turn the lights out on it. yes, and yes. He didn't "shut down" DNS Changer, he put up an equivalent system to hijack DNS traffic and direct it to the "right" place... SO folks didn't see any problem and the DNS Changer infection grew and got worse. When he is legally required to take his "bandaide" out of service, then the problem will resolve by folks who will have to clean their systems. it's true, the fbi team who powered all that stuff off and loaded it into a u-haul truck are the ones who "shut down dns changer". or perhaps it was the police in estonia who arrested all those people. i'm not the shutter-downer. As for "turning the lights out" - that will only happen when the value of DNS hijacking drops. As it is now, ISC has placed DNS hijacking code into their mainstream code base... because DNS hijacking is so valuable to folks. In a modestly favorable light, ISC looks like an arms dealer (DNS redirection) to the bad guys -AND- (via DNSSEC) the good guys. Either way, they make money. well, no. but that seems off-topic. start a new thread if you care. (and, cc me!) And yes, I think I agree with you. Paul will be there to turn things off when they no longer make money for his company. well, no. when the court order runs out we will have to shut things down. but the money FBI is paying us for this is just to cover costs. and, it's not my company. isc is a 501(c)(3), basically a ward of the state of delaware, having no shares and therefore no shareholders. Your other comments are non-sequitur to the main issue. Perhaps I am not a member of the Paul Vixie cult of personality. so sad. When those servers are turned off, Customer Support folks at many ISPs will prolly want to take their accrued vacation. Amen. And there will be thousands more of them when the court order expires than existed when the Feds called him in. um. no. hundreds of thousands less than before the feds called ISC in. see dcwg.org. it's lovely to have so many fans. keep those cards and letters coming. (but, cc me!) paul