OzymanDNS - Advanced exploration into the use of DNS as a general purpose communication medium. DNS is more hostile to this than any other protocol, so the solutions being built should be generalizable. (Thanks, Look!)
presenters Dan Kaminsky
history The first version of OzymanDNS was presented at Defcon, where I demonstrated SSH over DNS (and with that, general purpose VPN'ing using the dynamic forwarding discussed at Codecon in 2003) and live streaming radio over DNS. I also discussed in some depth the potential for bypassing firewalls using the proxying components of the protocol.
demo "DNS is a routing, caching, globally deployed overlay network on top of the Internet. Last year's Black Ops of DNS discussed rudimentary mechanisms for manipulating that network to achieve low bandwidth but insidiously firewall-penetrating connectivity anywhere and everywhere. This year, we expand this research to show how extensive, bandwidth amplifying routes can be deployed across the two million DNS servers out there -- and demonstrate an aggressively loss tolerant protocol that can extract high speed connectivity from what's usually considered to be the lowest capacity protocol on the Internet." In other words, I'm trying for Video over DNS. I'll also probably demonstrate in greater depth my DNS-based solution to RSS overload.
future plans Once the DNS infrastructure is ready for demo, backport it to general purpose UDP, document the spec, and turn it into a NAT2NAT framework. The lack of a really good solution for this has been a thorn in all of our sides, and the TCP stuntage from years back turned out not to actually be deployable like this would be.