DNS servers are the “yellow pages” “phone book” of the internet.

whoever is running DNS servers get’s to know all queries send (what client is requesting and probably connecting to what address… basically: what websites the user have visited, this is very private sensitive data, so DNS servers need to be trustworthy)

what DNS server should user use?

try: https://dns.sb/

“In June of this year, “Ripple20” (not only) shook the Internet of things:

19 vulnerabilities in a TCP/IP Stack for Embedded devices made “hundreds of millions” devices vulnerable, according to their discoverers.

Now, Stack analysis by another team of researchers using Fuzzing, a variant of automated software testing, and static Code analysis have revealed 33 new vulnerabilities, three of which were rated critical.”

auto translated from https://www.heise.de/news/Amnesia-33-ein-Ripple20-Deja-vu-im-Open-Source-Gewand-4982063.html

• CVE-2020-24336 (CVSS-Score 9.8/”Critical”, RCE, uIP)
• CVE-2020-24338 (CVSS-Score 9.8/”Critical”, RCE, picoTP)
• CVE-2020-25111 (CVSS-Score 9.8/”Critical”, RCE, Nut/Net)
• CVE-2020-25112 (CVSS-Score 8.1/”High”, RCE, uIP)

what to do?

in order develops need to look at the vulnerabilities, fix them, and vendors need to provide automatic updates to all devices

Links:

src: https://www.heise.de/news/Amnesia-33-ein-Ripple20-Deja-vu-im-Open-Source-Gewand-4982063.html

src of src: https://www.forescout.com/company/resources/amnesia33-how-tcp-ip-stacks-breed-critical-vulnerabilities-in-iot-ot-and-it-devices/