Security News > 2020 > August > “Chrome considered harmful” – the Law of Unintended Consequences

“Chrome considered harmful” – the Law of Unintended Consequences
2020-08-26 16:58

An obvious example is for the purposes of security filtering, where a network security device or cloud service deliberately redirects known bad domains, such as malware repositories, thus heading off potentially malicious traffic right at the DNS level.

Simply put, a DNS lookup for a server name that doesn't exist at all, and therefore can't be resolved, is supposed to come back with a DNS error 3, known as NXDOMAIN, short for non-exsistent domain.

As Thomas points out, on a network where there is no NXDOMAIN hijacking, those random DNS lookups all have to be handled by the root DNS servers.

The made-up domains names don't exist, and therefore won't be in anyone's DNS caches, and will always require your computer's DNS resolver to check right back to the mother ship - one of the 13 root DNS servers - for an answer that annoyingly serves no purpose except to help Chromium configure its autosearch "Feature".

None of which has anything to do with finding the location of any real servers, which is the main purpose of DNS. Even worse, as NXDOMAIN hijacking becomes less common, thanks to pressure on ISPs not to do it, Chromium's pressure on the root DNS servers will increase, because more and more of the random intranet redirect detector lookups will end up making it all the way to those 13 root servers, only to produce errors.


News URL

https://nakedsecurity.sophos.com/2020/08/26/chrome-considered-harmful-the-law-of-unintended-consequences/