Bit errors in computer memory, when they occur in a stored domain name, can cause Internet traffic to be directed to the wrong Internet location potentially compromising security. When a domain name one bit different from a target domain is registered, this is called "bitsquatting". This presentation builds on previous work in this area presented by Artem Dinaburg at Blackhat 2011. Cisco's research into bitsquatting has revealed several previously unknown vectors for bitsquatting. Cisco has also discovered several new mitigations which do not involve installation of error correcting memory, nor the mass registration of bitsquat domains. In fact some of the new mitigations have the potential to render the problem of bitsquatting to the dustbin of history.
Jaeson Schultz (@jaesonschultz) is a Threat Research Engineer for Cisco's Threat Research and Communications (TRAC) Team. Cisco's TRAC team is dedicated to advancing the state-of-the-art of threat defense and enhancing the value of Cisco's security products. Jaeson has over 20 years' experience in Information Security, working previously for companies such as Counterpane, Brightmail, and IronPort. Jaeson's computer experience ranges from hardware hacking, to log analysis and security policy recommendation, to thwarting misuse of Internet application layer protocols like DNS, HTTP, and SMTP. Prior to working in Information Security, Jaeson studied Computer Science at the University of Nevada at Las Vegas. Jaeson also currently holds an Amateur Extra radio license from the FCC under the call sign K8YJO.