I can be pretty skeptical and cynical at times (part of what drives my interest in security) and I am especially skeptical of massively hyped vulnerabilities. If anything, I tend to underhype what I do and let others hype it for me if they think that it warrants more attention.
With all of the hype around Dan Kaminsky’s DNS vulnerability, I naturally doubted that all of the hype was warranted. I was flattered, however, when Rich Mogull called and invited me onto a conference call with Dan Kaminsky and the other Doubting Thomas (Ptacek, that is). Dan explained the full details and scope of his attack and both of us were impressed and agreed that it is way more serious than we had imagined. Yes, I am being light on the specifics here because I was sworn to secrecy and if I were to break it, Dan would cause my nameservers to rickroll me until the end of time.
In summary, when the full details of Dan’s attack come out, you will most likely be impressed. I definitely was.