Domain Name System Security Extensions (DNSSEC) were switched on for .com domain names late last week, in a final stage of one of the biggest security upgrades the Internet has seen.

DNSSEC extends the age-old domain name system (DNS) by allowing domains to be digitally signed--and thereby authenticated--by end users. (DNS is what’s used to convert human-readable web addresses like pcworld.com into numeric IP addresses like 70.42.185.10, that are understood by computers.)

The system makes it harder for hackers to carry out so-called "man-in-the-middle" attacks whereby hackers fake the DNS records for a Website to send visitors to a site that looks identical to the real thing, in order to harvest personal details.

More: http://www.pcworld.com/businesscenter/article/224256/