DNS…Seriously?

The gist of “safe” crypto exchanges is supposed to be the validation of a given transaction by more than the two parties involved in the transfer of information.  Depending on the cryptocurrency involved, this type of effort means three or more devices are involved in a given transaction.

Of course, validating those devices is, at best, a joke.  In yet another DNS attack today, hackers spoofed DNS and stole a bunch of money.  And this is not even the first time – nor is there any apparent effort to overcome this massive issue.

To understand why this issue is a fiasco, it is important to note that DNS is just a glorified lookup system.  Computers go to a known source and submit a domain name (e.g. the google.com in https://google.com) and the DNS server sends back the actual IP address for that domain name.  There is little protection; it is relatively easy both to hack into DNS records and to overcome said hacks.  Prior to cryptocurrency exchanges, the relatively short duration of a hack’s life (i.e. before it is overcome) translated into a scarcity of attacks.

Now, however, hackers can make hundreds of thousands of dollars, or more, through this simple attack…and this is how cryptocurrencies protect themselves?!?
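Because the lookup described above returns an address with little protection attached, one defensive check is to compare every answer for a portal's name against the addresses its operator expects. The following is an added example, not code from this post or from any exchange; the name `portal.example`, the resolver labels, the pinned network and all addresses are constructed, and it assumes the operator knows its own address ranges.

```python
# Added example: flag DNS answers that leave a pinned address set.
# All names, resolver labels and addresses below are constructed sample data.
import ipaddress
from collections import defaultdict

# Assumption: the operator knows which networks its portal legitimately uses.
PINNED = {"portal.example": [ipaddress.ip_network("192.0.2.0/24")]}

# Constructed observations: (time, resolver label, name, answered addresses)
OBSERVATIONS = [
    ("10:00", "resolver-a", "portal.example", ["192.0.2.10"]),
    ("10:00", "resolver-b", "portal.example", ["192.0.2.10"]),
    ("10:05", "resolver-a", "portal.example", ["192.0.2.10"]),
    ("10:05", "resolver-b", "portal.example", ["203.0.113.66"]),
    ("10:10", "resolver-a", "portal.example", ["203.0.113.66"]),
    ("10:10", "resolver-b", "portal.example", ["203.0.113.66"]),
]

def outside_pin(name, addresses):
    """Return the answered addresses that fall outside the pinned networks."""
    nets = PINNED.get(name, [])
    return [a for a in addresses
            if not any(ipaddress.ip_address(a) in n for n in nets)]

def review(observations):
    """Return alerts for unpinned answers and for resolvers that disagree."""
    alerts = []
    by_round = defaultdict(dict)  # (time, name) -> {resolver: set of addresses}
    for when, resolver, name, addrs in observations:
        bad = outside_pin(name, addrs)
        if bad:
            alerts.append((when, "UNPINNED", resolver, name, tuple(bad)))
        by_round[(when, name)][resolver] = frozenset(addrs)
    for (when, name), answers in by_round.items():
        if len(set(answers.values())) > 1:
            alerts.append((when, "DISAGREE", "*", name, tuple(sorted(answers))))
    return sorted(alerts)

if __name__ == "__main__":
    for alert in review(OBSERVATIONS):
        print(alert)
```

In the 10:10 round both resolvers agree on the unexpected address, so only the pinned-set check fires; comparing resolvers against each other is not enough once a changed record has propagated.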

Devices, Devices, Devices

It all comes down to…wait for it…DEVICES.  A web portal is just a program running on a device, and cryptocurrency exchanges are nothing more than devices talking with each other.

To protect these exchanges, devices have to have an identity that is continuously monitored.  The language and protection of the transactions have to be dependent on these authenticated devices.  In fact, independently locking down the devices will actually reduce the complexity of the hashes required for a given exchange – and result in a much more secure system.

DNS is obsolete from a security perspective, and something better needs to be used…devices are the answer!