Voices from Infosec with Paul Vixie
Welcome to a special edition of Breaking Badness. In this bonus episode, you’ll hear from Chief Executive Officer at Farsight Security, Paul Vixie. Co-hosts Chad Anderson and I sat down with Paul to discuss his background, passion for open source software development, DNS and more.
Paul Vixie, California Rancher
For the latest installment of our Voices from Infosec series, Breaking Badness regular Chad Anderson (@piffey) and I spoke to one of the best-known names in, well, not just infosec, but the Internet in general, from a technical perspective: Paul Vixie. So when you have a chance to sit down with someone who has made such fundamental contributions to a phenomenon that has literally transformed the world, where do you begin?
Chickens. Of course.
Paul had told us during our prep for the episode that he lives on a ranch in California with open space, horses, and chickens. Naturally, we asked him whether the chickens have a distributed, hierarchical, dynamic naming system, where names have TTLs and are requested from some authoritative source when you forget them.
The answer was…no. (I guess when you’ve created that for the Internet, you don’t have to prove anything by using it for chickens).
Cron, BIND, DoH, and Security
We did move on from the bucolic life to the technical. It turns out that Paul’s code, and derivatives of it, are in widespread circulation in more places than just BIND servers. One of the open source projects Paul contributed was a revision of cron, and Vixie cron made its way into a variety of *nix operating systems, notably BSD. (If you’re using a Mac to read this, there’s a decent chance you’re running Paul’s code, though the module was renamed to ISC Cron a while back.)
And of course we talked a lot about DNS—not just how Paul got involved with it in the 1980s, but the role it can and (we of Breaking Badness agree) should play in security. And, spoiler alert: DNS over HTTPS is not preventing blue teamers from getting good security use from passive DNS data. Along the way we got Paul’s insights on related matters such as why the number of RFCs coming out seems to have slowed, what’s hampering development of new or modified Internet protocols, and how the concept of passive DNS monitoring began.
Paul Lied To Us
It’s true. Paul gamely played our Two Truths and a Lie game. These were the three statements he gave:
- The profile of a motorcycle tire, as seen from behind, is round, rather than flattened like a car tire. This is because when the bike is leaned over in a turn, the radius of the contact patch is smaller, which helps pull the bike through the turn.
- The humble-yet-ubiquitous CPU fan was actually patented, and the patent sold for millions of dollars.
- The original USB protocol was inspired by the IBM-standardized PS/2 mouse and keyboard protocols. This meant that all USB keyboards natively support n-key rollover.
Dying to know which of these devious statements is a lie? Be sure to listen through the podcast to resolve any feelings of suspense.
It was great learning more about Paul’s early days, as well as what he’s currently working on. We’d like to thank him for joining us, and for his contributions to Internet functionality and security.
That’s about all we have for this week. You can find us on Twitter @domaintools, and all of the articles mentioned in our podcast will always be included in our podcast recap. Catch us Wednesdays at 9 AM Pacific time when we publish our next podcast and blog.
*A special thanks to John Roderick for our incredible podcast music!