No doubt that, when typing a domain into our web browsers, we’ve all fatfingered and found ourselves not at the page we intended, but at a typos

BH 2011: Bit-squatting – DNS hijacking without exploitation

submited by

Style Pass

2021-08-01 21:30:04

No doubt that, when typing a domain into our web browsers, we’ve all fatfingered and found ourselves not at the page we intended, but at a typosquatted domain that aims to benefit from our mistake.

But Artem Dinaburg’s paper “Bit-squatting DNS Hijacking without Exploitation,” presented last week at the Black Hat security conference, explores how bit-flipping in memory chips or CPU caches can also cause you to visit a wrong domain that may be one character off from the real one.

Why do bits flip? Dinaburg postulates that most often this is a consequence of either cosmic rays, or operating devices outside of their optimal temperature range. The latter is likely more frequent in smartphones and other handheld devices that are used in a wide variety of environmental conditions.

Dinaburg conservatively estimates that 614,400 memory errors occur per hour globally. Not all of these could impact a DNS request, but this is still a significant opportunity for problems to occur.