Latest in the News: rDNS Queries Reveal Too Much, CISA Demands Asset Visibility, Splinternet, Desktop Holds IPv6 Back 

How can rDNS queries expose confidential information? Why has CISA decided to implement automated asset discovery on a weekly basis? What does communication between IPv4 and IPv6 have to do with the splinternet? How do desktop operating systems block wider IPv6 adoption? These are a few of the most interesting topics we wanted to highlight in this month’s Latest in the News roundup. 

Researchers at the University of Twente (Netherlands) discovered it is possible to access private data and facilitate tracking by analyzing the interplay between the internet and local networks. The researchers analyzed how DNS (Domain Name System) and DHCP (Dynamic Host Configuration Protocol) interact with each other. And how that interaction could, potentially, expose reverse DNS (rDNS) records. 

Researchers concluded that changes to rDNS records via DHCP can reveal client identifiers and, consequently, affect their privacy. Although the risk has been observed since 2016, the research reaffirms the worries and offers a solution. The suggestion is to not map device names to publicly accessible PTR records. 

More on the topic: Reverse DNS queries may reveal too much, computer scientists argue 

The Cybersecurity and Infrastructure Security Agency (CISA) has presented a directive that requires “federal agencies to account for assets and vulnerabilities residing on their networks and allowing CISA to manage cybersecurity in the federal civilian agencies space more effectively.” 

With this motion, CISA gains a better view of the federal agencies’ networks. And agencies must perform weekly automated asset discoveries, which involve the entire Internet Protocol version 4 (IPv4) space. Although focused on federal agencies, CISA encourages all organizations to follow suit.  

More on the topic: CISA Mandates Federal Agencies Account For Assets On Networks 

During the Singapore International Cyber Week event, panelists discussed how internet splintering can cause significant economic loses. According to the discussion, political, commercial and technological differences are the main reasons for splintering. 

Olaf Kolkman, the spokesperson for the Internet Society, suggested that IPv4 and IPv6 devices cannot communicate effectively due to technological differences, which can be a cause for division. According to the speaker, although outdated, IPv4 is the underlying technology that enables devices to communicate over the web.  

More on the topic: Divided Internet could lead to fewer economic opportunities and more security threats, say panelists 

Can wider IPv6 adoption be blocked by desktop users? Ondřej Caletka from RIPE NCC argues that is the case. According to Caletka, while mobile systems have adopted IPv6, Windows, Linux and macOS – the leading desktop operating systems – support apps with IPv4-only APIs. 

Caletka argues that unless IT professionals figure out how to implement IPv6 on a wider scale, we will not see a faster adoption rate of the advanced version of the Internet Protocol. He also advocates for educating IT teams within organizations on how to overcome compatibility issues and prepare for wider IPv6 adoption.  

More on the topic: Is the desktop operating system holding back Internet development?