I've nominated Cross-site leaks (a while back) for promotion to a Featured article. Reviews, comments and suggestions are welcomed at the nomination page :) Sohom (talk) 21:36, 9 March 2024 (UTC)

I'm sadly too late to properly comment but I think you got a good discussion in the end - I definitely think I would agree that I'd like to see a shorter and more simple lead section. Joe (talk) 18:40, 20 March 2024 (UTC)

I've conducted a detailed review of articles on DNS-related attacks, including DNS hijacking, spoofing (and cache poisoning), and noticed some areas where we could improve clarity and accuracy, especially regarding the interchangeability of terms and the mention of modern security practices like DoT and DoH.

Terminology Clarification

There seems to be some confusion and overlap in how we define and use terms like DNS hijacking, spoofing, poisoning, cache poisoning, rebinding and redirection. A concerted effort to standardize these terms with clear definitions could significantly benefit the readers. Specifically, distinctions between terms such as DNS hijacking and DNS spoofing, as well as DNS poisoning vs. DNS cache poisoning, need to be more clearly delineated.

Inclusion of MiTM Contexts and Clarification on Attack Strategies

Enhancing these articles to explicitly explain how DNS attacks can facilitate MiTM attacks, including the roles of ARP poisoning and race condition attacks, is necessary. The latter, often conceptualized as a "first reply race" in DNS spoofing scenarios, involves attackers responding to DNS queries more quickly than legitimate servers.

Remedies and Modern Solutions

The absence of discussions on current DNS security measures like DoT (DNS over TLS) and DoH (DNS over HTTPS) in the remedies sections of these articles is a notable gap.

I propose we collaborate to update these articles for accuracy and to reflect latest advancements in DNS security. This effort would involve revising the existing content for clarity, updating terminology to reflect the precise use of DNS-related terms, and adding sections on modern remedies such as DoT and DoH.

I look forward to your feedback, suggestions, and any additional insights you might have on these topics.

Links:

DNS spoofing

DNS hijacking

DNS rebinding

WalterMccan (talk) 12:28, 19 March 2024 (UTC)

At a glance, all three of the articles need significant work and I think they'd be a great project for a newish editor. I would encourage you to be WP:BOLD and start by adding verified sources and doing some general housekeeping according to WP:MOS. Hit me up on my talk page if you'd like someone to review what you've done. Joe (talk) 18:35, 20 March 2024 (UTC)

Sounds like a plan! I will get on it over the weekend and keep you up-to-date. Thank you. WalterMccan (talk) 11:20, 21 March 2024 (UTC)

Is there a standard practice for how we treat data breaches on Wikipedia? I'm looking at things like 2011 PlayStation Network outage (which I've done some work on and would appreciate eyeballs), 2015_TalkTalk_data_breach, and 2015_TalkTalk_data_breach - but there isn't much consistency. At the very least they should probably all use Template:Infobox_event, but I'm curious to know if there is any 'best practice' I can look at... Joe (talk) 18:31, 20 March 2024 (UTC)

There is a requested move discussion at Talk:CounterSpy (software)#Requested move 27 April 2024 that may be of interest to members of this WikiProject. Safari Scribe^{Edits! Talk!} 22:59, 4 May 2024 (UTC)