[LINK] British researcher finds a 'kill switch' for global cyber attack

Scott Howard scott at doc.net.au
Mon May 15 10:45:49 AEST 2017

No, but you can have it do a TXT lookup and check the response, or
something similar.  For bonus marks, sign the response using an asymmetric
key so that it can't be reverse engineered.

(or any one of a thousand other options that would be far better than a
single DNS lookup as this one seemingly did)


On Sun, May 14, 2017 at 5:31 PM, Hamish Moffatt <hamish at cloud.net.au> wrote:

> On 15/05/17 10:25, Paul Bolger wrote:
>> The next one will have the kill switch encrypted.
> I think it was discovered by watching the network traffic from an infected
> computer - the investigator would have noticed the DNS lookup requests for
> the magic domain. You can't encrypt that.
> Hamish
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

More information about the Link mailing list