You are viewing a single comment's thread from:
RE: STEEM DNS - Your username DOT STEEM. DNS on the Blockchain
Awesome work on delivering this quickly! My only concern is that you do not go over the security concerns:
Using custom third-party DNS servers opens users up to potential man in the middle attacks and credential theft!
I am not saying that you are malicious, but if your server gets hacked and it goes unnoticed, then everyone who uses it is vulnerable. If a large portion of Steemit begins using your service (and it's hacked), then a large portion of funds can be stolen.
NOTE: @someguy123 is making this code open source so that others can use it as well. If anyone is planning to use someone else's DNS server, they must ABSOLUTELY TRUST that person is safe and is running the same code.
Of course this is a problem. I will be publishing a guide in the next day or so on how to run a DNS server yourself. Then there's no risk, and of course people could choose DNS servers of people they do trust.
I'm working to become a top witness, I'm already well trusted outside of STEEM, and slowly I'm hoping to gain the same reputation on Steemit.
I've just updated the post to reflect this. Hopefully that will address your concerns.
A little, but you don't really go over the security issues, you just define what a DNS server does. Everyday user's will have no idea why what this means and what the implications are:
What everyday users need to hear is that:
By using a third-party DNS, you are essentially trusting them with ALL OF YOUR INTERNET CREDENTIALS including bank account information. BE VERY CAREFUL!!
Check now. I've updated it again. Hopefully it's clear enough...
Thanks! Sorry I am a stickler on this, but hey. This is what I do for a career.