Milpotel | 3 months ago

> I guess wikipedia doesn't agree with you:

Are you kidding? Bind has been the de facto standard for DNS servers for ages but it's just a badly engineered piece of software and had braindead vulnerabilities for decades:

https://www.cvedetails.com/vulnerability-list/vendor_id-64/p...

Already 20 years ago it was common knowledge to never use software that Paul Vixie had touched (bind, vixie-cron, sendmail ...) and we used alternatives such as djbdns. Good old times...

johnea|2 months ago

After just a short search to try to come up with some numbers, I find that between 60% and 90% of internet DNS servers are running bind.

And yet somehow, the internet has much bigger problems...

Milpotel|2 months ago

Bold statement just one month after the last cache poisoning vulnerability. Bind is the Microsoft Windows of DNS servers - a lot of users and bugs, nonetheless the go-to for many admins because that's what they are most familiar with. And similar to Windows, the internet mostly relies on others - none of the big companies (Meta, Cloudflare, Google, MS, Amazon, Netflix, Twitter...) use bind and neither do most hobbyists. It's just for the plethora of mid-sized companies with unmotivated admins.