Two security researchers plan to talk at Black Hat Asia conference next week. They have released 70 different vulnerabilities in different implementations of TCP/IP stacks over the past year. Complex design requirements and ambiguous specifications can have on software security, they say. The vulnerabilities are the latest from their research into the vendor implementations that handle domain-name system (DNS) traffic. In one case, one word “may” versus “must” resulted in different security issues due to a single anti-pattern.”]