A Look At the Safety of Google Public DNS 213
darthcamaro writes "Yesterday we discussed Google's launch of its new Public DNS service. Now Metasploit founder and CSO at Rapid7, H D Moore, investigates how well-protected Google's service is against the Kaminsky DNS flaw. Moore has put together a mapping of Google's source port distribution on the Public DNS service. In his view, it looks like the source ports are sufficiently random, even though they are limited to a small range of ports. The InternetNews report on Moore's research concludes: 'What Moore's preliminary research clearly demonstrates to me is that Google really does need to live up to its promise here. Unlike a regular ISP, Google will be subject to more scrutiny (and research) than other DNS providers.'"
And the worst case scenario? (Score:4, Insightful)
It fails miserably, Google revokes it, and we all go back to loving them.
Everyone loves taking a shot at Google, but when they are providing a new FREE service - I can't see it destroying their public image all that much.
Re: (Score:2, Insightful)
What service has Microsoft provided to me that was Free? Besides Bing - which is only "blasted" because people don't like it as much as Google.
Everything else Microsoft has, I've had to pay for, so when it doesn't live up to its claims, I can bitch legit because I wasted my money.
Re: (Score:3, Insightful)
Most of the Live services, especially Hotmail.
Re:And the worst case scenario? (Score:4, Insightful)
Except that no one I knows blasts Hotmail or Live messenger or those services because they do exactly what they aim to do.
Re: (Score:2)
Which negates the statement from the coward up there.
Re: (Score:2)
But you claimed that MS hadn't provided a service that was free, I thought?
What service has Microsoft provided to me that was Free? Besides Bing - which is only "blasted" because people don't like it as much as Google.
Everything else Microsoft has, I've had to pay for, so when it doesn't live up to its claims, I can bitch legit because I wasted my money.
(emphasis mine)
Re: (Score:2, Informative)
who uses Hotmail or Live messenger?
Long live ICQ!
Re: (Score:2)
Except that no one I knows blasts Hotmail or Live messenger or those services
All right, but apart from the sanitation, the medicine, education, wine, public order, irrigation, roads, a fresh water system, and public health, what have the Romans ever done for us?"
Re:And the worst case scenario? (Score:5, Insightful)
Re: (Score:3, Insightful)
Everything?
If you're saying that because it runs on Windows (for thick-client apps), you can point the finger at Apple just as much or more, too.
If you're talking about providing software for Windows or online services...
Re: (Score:2)
There's also Maps - http://www.bing.com/maps/ [bing.com]
Microsoft actually did maps before Google: http://en.wikipedia.org/wiki/TerraServer-USA [wikipedia.org]
Before even Google was founded.
And there's Photosynth except now it requires installation of Silverlight, which I can't be bothered to install.
Re: (Score:2, Funny)
Re: (Score:2)
Re: (Score:3, Informative)
Re: (Score:3, Insightful)
Don't be a troll. That was not the problem and you know it.
Re:And the worst case scenario? (Score:4, Informative)
Well , the being free part i guess.
Which is correct : it's not because it was free that it was a problem , but that it was completely integrated , giving it a near monopoly position in the browser market.
And in the case of IE , it's so much part of the OS , that you don't get it for free, you pay for it in the price ( the developers of IE don't work for free , they are payed with the money Microsoft gets from the sales ).
Re: (Score:2)
That is silly. Microsoft also pays people to make hotmail also free. But I don't see you bitching that people buying windows are subsidizing hotmail users. Even if it is true in some sense the complain is silly.
Re: (Score:2)
I'm guessing that's what icebraining was referring to, but no one had suggested being free was the problem.
Re: (Score:2)
A free browser? Cool, so I could download it and, say, run it under wine, completely legitly? No? (If wine won't run it due to lack of support of needed APIs, that'd be different.)
Same goes for the media player. It's free when I can decouple it from the OS it's embedded in, and run it in a compatible environment. Lack of support for other OS APIs, however, does not make it non-free. I'm fine with being able to attempt to run it under wine legally. They don't have to support wine.
Re: (Score:3, Interesting)
Live Mesh, is pretty cool.. Live Writer is actually quite good, IMO, and produces very clean HTML (at least, in my brief tests with it with Wordpress... a custom install, too, with a custom theme and everything; integrated just fine and was a very good WYSIWYG editor). Skydrive - 25gb for free - isn't too shabby, either. I don't like hotmail, but it has sure been around for a while. Bing is actually pretty nice for some things. Microsoft's birds-eye-view is sometimes very useful, and it looks like they
Privacy for what? (Score:2, Interesting)
My real concern with Google DNS is privacy. Your DNS records are extremely valuable to google, so I sincerely doubt google is not going to record them.
I'm not even entirely convinced about the benefit of using google's; your local DNS server hierarchy is going to be far more responsive, even if it does have a higher miss rate.
Re:Privacy for what? (Score:5, Insightful)
Re:Privacy for what? (Score:5, Insightful)
And what strikes me as even more silly is when people use the comeback of "But [insert person, group, company, etc] is (probably) already doing it too!" as if that justifies the actions of someone else.
Re:Privacy for what? (Score:5, Insightful)
Re: (Score:3, Insightful)
It might suprise you, but everyone has a contract with their ISP yet there are ISPs that act against their customer's best interest. That "comeback" didn't do squat. So much for accountability.
The point here is history. Show that Google is doing something wrong, and people WILL raise a stink about it. Google gets a lot of milage out of good will and that won't last long if they misstep.
Re: (Score:2, Funny)
If you're just going to be a paranoid fuck and ignore all discussion in favor of your prejudices then why even waste your time coming to this site? Obviously nobody's going to change your mind without buying you a fucking plane ticket to Google's data center so you can read the code yourself, and you're certainly not going to convince anyone of anything by making trite, sarcastic, baseless remarks. Even if someone were to take your point to heart, it still wouldn't prove what you're obviously trying to impl
Re:Privacy for what? (Score:5, Insightful)
And what strikes me as even more silly is that Google has a privacy policy for the service that says all logs are deleted after 48 hours and aren't linked back to other Google services whereas I have no privacy statement at all about DNS from my ISP (since they slipped it in silently about 4 months ago).
Re: (Score:2)
Re: (Score:2)
A 'bad' TOS is far far better than no TOS. At least if you have a bad TOS you know to avoid the service because you know what they say they can or can't do.
No TOS basicly means they could be doing anything they wanted, and you'd never know.
Re: (Score:3, Interesting)
As I said in the other story, Google stands to gain NOTHING by alienating their whole freaking market for this. Only mega nerds will bother changing their DNS to Google's since only nerds have even heard of DNS. And said nerds will abandon Google DNS in a matter of days if they fuck with the ToS. And the streisand effect would be fucking huge in the group that uses the service.
I think it is a bit more likely that Google is doing this for the da
Re: (Score:2)
Re: (Score:2)
If I hadn't already posted I'd mod that insightful.
Seriously, your ISP's have been following dirty underhanded tactics the moment you signed up, by delaying your installation, lacking in support, not offernig you full speeds, and disconnecting you when you approach your full speed. Now, given that they are in it for the money, and ALL of your traffic is going through them - they have every reason to take your information and sell it. You KNOW they have your information because the police can demand that inf
Re: (Score:2)
The one thing that strikes me as silly about the "what if Google datamines our DNS requests" concern is that those people assume their ISPs aren't already doing so.
We already know they log our search requests. Call me naive, but what are they going to do with our DNS requests? As long as they aren't injecting ads or stealing data, that is...
Re:Privacy for what? (Score:5, Interesting)
The especially odd part about the complaint is that Google has an upfront, posted policy about what they are doing as far as retaining your DNS requests, which I've never seen from an ISP.
Re: (Score:2)
The especially odd part about the complaint is that Google has an upfront, posted policy about what they are doing as far as retaining your DNS requests, which I've never seen from an ISP
Well, fine, but if a burglar puts a notice on his balaclava that he's going to rob my house I still reserve the right to prevent that from happening, polite notice or not.
Re: (Score:2)
That's a fine attitude, I suppose, but not at all relevant, since its not even remotely a good analogy to Google with regard to datamining public DNS records to uncover personal information, since that's not what their notice says they are doing with the data.
Re: (Score:2)
OK, hit the brakes for a moment. You actually believe what they say without ANY evidence to back it up?
Let me give you a heads up then. Read their privacy policy. So far, so good, no? Now read chapter 1 of their Terms of Service and see how it takes precedence over EVERYTHING else. Still feel comfortable?
I'm astonished at how much leeway Google is given in spying on everyone's life..
Re: (Score:3, Informative)
Now read chapter 1 of their Terms of Service and see how it takes precedence over EVERYTHING else.
Actually, this is quite the opposite.
1.5 If there is any contradiction between what the Additional Terms say and what the Universal Terms say, then the Additional Terms shall take precedence in relation to that Service.
In the document, "Additional Terms" refers to additional ToS documents and Privacy Policy documents, etc., and "Universal Terms" refers to this [google.com]. I think this is pretty much the most straightforward legalese I've ever seen, and it very clearly states that if the privacy policy of their DNS solution says they're not going to keep your data more than 48 hours, they are not going to, regardless of what the Universal Terms document states.
Re: (Score:2)
Choices:
1. Use my ISP, who never made any promises of privacy at all, and at least in the case of mine ALSO redirects me to an ad if I typo a DNS request (faked NX records). Comcastic!
2. Use OpenDNS, which promises not to sell.. oh, yeah, that's right, promises don't really mean anything to you from Google, then they probably don't from OpenDNS either, but anyway they make the same promises as Google. And they redirect me to an ad-laden third party site if I typo a DNS request. So I get a little more p
Re: (Score:2)
Whether I believe Google's published policy or not is rather immaterial to the criticism I presented in GP of GGP's analogy comparing Google's notice to a burglar announcing intent to rob your house.
So I congratulate you for, like GGP, posting something completely irrelevant to the material it is posted in "response" to.
Re: (Score:2, Interesting)
I'm astonished at how seriously paranoid you are. There's literally no way Google could EVER prove to you that they weren't 'spying' on you. There are almost infinitely many ways you could prove they WERE spying on you. Now who do you think would provide a guarantee against spying on you, and who do you think would simply omit the issue and do their spying without bringing attention to it? Now, where exactly in your current DNS server's TOS does it say that they don't log data?
Re:Privacy for what? (Score:4, Interesting)
An excellent point. That's why I think OpenDNS is a better option. They at least appear to give you a choice in the matter. I'm not sure Google's services are equitable. There's a good blog post from the founder of OpenDNS where he critiques Google's service. It's a good read.
http://blog.opendns.com/2009/12/03/opendns-google-dns/ [opendns.com]
Re:Privacy for what? (Score:5, Insightful)
You do realize the inherent conflict of interest in criticism from a competitor right?
Do remember that at least and load up on grains of salt.
Re: (Score:2)
You do realize the inherent conflict of interest in criticism from a competitor right?
yeah, don't listen to the competitor's arguments! also, don't listen to the defendant attorney in court cases!
c'mon, it's always important to read both sides. if they're the best they could say; but one of them is full of ad hominem's or similar bad arguments, then it's a good sign the the other side has a better point.
Re:Privacy for what? (Score:5, Informative)
For me, the dealbreaker with OpenDNS is that, when you type in a non-existant domain, OpenDNS resolves it to an IP that gives you their custom search page. The standards compliant response would be NXDOMAIN, which is what Google (and some others) provide. This alone was enough to make me switch away from OpenDNS.
Re: (Score:2)
Re:Privacy for what? (Score:4, Informative)
That may be true, but their preferences only work if OpenDNS can tell which networks are yours. They detect this [opendns.com] when you use your browser to log into the control panel, or if you install client-side software (OpenDNS Updater, which is Win\Mac only). You could do it with DynDNS [opendns.com] too, but not everyone uses that.
Anyway I'd rather not go through all that effort, and would prefer the NXDOMAIN behavior to be the default for anonymous requests.
Re: (Score:3, Informative)
It looks like you can disable this behavior [opendns.com] if you have an account. I haven't tested it extensively but it seems to work as advertised.
Re: (Score:2, Informative)
Re: (Score:3, Informative)
I think his article was well-thought-out and well articulated, but I have a few problems with it.
First, he does address Google's claim that Google does not redirect to ad-laden placeholders then cleverly redirects the argument to one of privacy. If OpenDNS is directing me to an ad-laden site if I mistype a URL or enter an invalid one, then I have a bunch of ad servers who now have my IP address and probably know what site I meant to go to. This may be better than giving all of my DNS lookups to a company,
Re: (Score:2)
Re: (Score:2)
Also, that blog post is pure PR bullshit and FUD.
Re:Privacy for what? (Score:5, Insightful)
Re: (Score:3, Interesting)
When you use GoogleDNS, you're providing the request to both of them, as your ISP can see your DNS requests anyway.
Re: (Score:3, Insightful)
First off, ANY DNS server will be getting your IP address. After all, that's how the hell it knows where to send the fracking reply.
Secondly, logging of IPs is a basic step in holding your clients accountable to make sure you aren't being abused. If some fucktard uses a hole to hack into your system, having a log of where he came from will help nail him.
Google doesn't really have a choice but to have your data. We should judge them based on what they DO with that data.
Re: (Score:2)
At least my ISP is a relatively small company who is not affiliated with Google.
Google already has my email, my searches, (some of) my IMs, my social network, my maps. There's Google Docs, too, which I don't use.
I don't need them to have my DNS records as well. If they have that too, the question becomes which information about me they don't have. And that is fucking scary.
Re: (Score:2)
Re: (Score:2)
Re:Privacy for what? (Score:5, Informative)
Their public statements say that they are not linking the requests to other Google services, and that they are discarding ip addresses within a day or two.
Re: (Score:2)
Their public statements say that they are not linking the requests to other Google services, and that they are discarding ip addresses within a day or two.
Google also has a Privacy Policy [google.com], but the thing is, it was "Last modified: March 11, 2009" and "Please note that this Privacy Policy may change from time to time."
The lack of trust that so many people are venting isn't from thin air. The US government is spying on it's own citizens (and everyone else.) Sprint is working hard setting up websites to let local law enforcement to monitor citizens. Also, there are no standards for data privacy, and companies change their own policy whenever they want and chan
Re: (Score:2)
Re: (Score:3, Insightful)
So you're saying that a clear, readable statement about privacy is more suspicious than total and complete silence on the issue? Or am I missing something? That's not really what you meant, right?
Google feels the need to do this because every time they offer a new service "privacy" is the very first word off everyone's lips. How many times have we all read diatribes against Latitude, Gmail, etc for lack of a clear disclosure of privacy terms before the service even goes beta? And now that Google has rel
Re: (Score:2)
So you're saying that a clear, readable statement about privacy is more suspicious than total and complete silence on the issue? Or am I missing something? That's not really what you meant, right?
The OP wrote that "Their public statements say..." as if it was an answer to the questions and concerns in this thread. It's not, and I tried to explain why.
Google feels the need to do this because every time they offer a new service "privacy" is the very first word off everyone's lips. How many times have we all read diatribes against Latitude, Gmail, etc for lack of a clear disclosure of privacy terms before the service even goes beta? And now that Google has released clear, plain English privacy statements about a new service, it's suspicious behavior? Sounds to me like Google is giving the general public what they asked for.
Google isn't giving the public what they want, but not for lack of trying. What the public want's (as evidenced by this discussion and many similar on other sites) is to not be spied on and have issues of data privacy resolved in a sensible and stable manner. Companies making arbitrary, complicated and changing policies isn't enough. And again, it isn't
Re: (Score:2)
Google included privacy statements about DNS when no other ISP or service does this. Why did they feel the need? You can't address this by trying to state simple facts (although appreciated) or citing particular issues.
Just because "one of these things is not like the others" doesn't mean it is wrong. It might be possible they are the only one to get it right. Or it might not even matter at all and you are pointing at shadows. So please don't say the defense of Google is wrong until you have a good reason to say their privacy statement is bad. Currently is appears to be very good and clearly worded.
Re: (Score:2)
>Their public statements say that they are not linking the requests to other Google services, and that they are discarding ip addresses within a day or two.
Right and when google started their business they didnt have a tracking cookie that expires in 2038. Things change. The DNS data has value and once google's shareholders realize this they will begin to mine it. Heck, if they dont then the executives can be sued for not running the business properly.
Re: (Score:2)
What's the most recent shareholder lawsuit you can think of?
Yes, there is a financial responsibility to shareholders. However, people love to trot this out to "prove" how a business has acted or will act, and it just doesn't fly.
The DNS data may be valuable, but customer goodwill may be more valuable (especially when loss of goodwill would decrease access to the data). The decision to retain and mine the data, or to avoid doign so, will be a business decision, and it's unlikely to result in a lawsuit eith
Re: (Score:3, Informative)
Ya know, if I had an answer to that, I might have phrased my statement a little differently.
I guess the best answer at this point is simply to point out that they haven't done a great deal to suggest that you shouldn't believe them, and on some level, they are regulated by a reasonable government (depending quite a lot on how one chooses to define reasonable).
Re: (Score:2, Flamebait)
your local DNS server hierarchy is going to be far more responsive, even if it does have a higher miss rate.
I set it up on my laptop and I can't see any difference between that and my desktop in terms of speed. I'm going to leave it on my laptop which connects through different hotspots with different DNS providers.
Google can have my DNS records while I'm on the road. I think it's a great service and the kind of really neat thing that's pretty rare in corporate culture these days. We should be giving
Re: (Score:2)
If you read about this at all, you would know that Google does use the records to generate stats (as in: people who visit slashdot.org have a 2% chance of visiting thinkgeek.com). Google claims they do not keep DNS records in a manner which can identify individuals.
That said, the big telcos can snoop your DNS queries and DO turn that info over to government agencies. If your ISP or your government want to know who Dogun of Slashdot is IRL, they need only observe that the same IP which posts as you here also
Re: (Score:2)
You are really that worries about privacy?
Every time you google, you need to be logged out of all google services: includes blogger, blogspot, picassaweb, youtube, and all the others like analytics, adsense, gmail....
Clear all your cookies.
Then reboot your home cable/dsl modem or whatever to get a new IP.
Then go ahead and do you searches.
Clear all your cookies.
Then reboot you home cable/dsl modem or whatever to get a new IP.
Then it's safe to log back in to google services.
That should cover you for all googl
Re: (Score:2)
You are really that worries about privacy?
Every time you google, you need to be logged out of all google services: includes blogger, blogspot, picassaweb, youtube, and all the others like analytics, adsense, gmail....
Clear all your cookies.
Then reboot your home cable/dsl modem or whatever to get a new IP.
Then go ahead and do you searches.
Clear all your cookies.
Then reboot you home cable/dsl modem or whatever to get a new IP.
Then it's safe to log back in to google services.
That should cover you for all googlespying that involves google analytics and tieing your search queries to you.
Oh, what's that? You aren't THAT worried?
I appreciate that taking an idea to a ridiculous extreme, noting that the extreme to which you took it is ridiculous, and then concluding that the idea is therefore inherently flawed is a common discussion tactic around here. It's a good way to support a predetermined conclusion. By "predetermined" I mean that you take a position first and then look for ways to justify it, rather than researching the issue and seeking to understand the different approaches that can be taken. In that fashion you seem to h
Re: (Score:2)
your local DNS server hierarchy is going to be far more responsive, even if it does have a higher miss rate.
I switched to OpenDNS a while back because we were having so many problems with our local ISP's DNS.
The issue, at the time, was straight-up DNS failures. I don't know if they were making changes or if someone tripped over a power cord... But we weren't able to resolve anything - even though I could ping by IP address. So I plugged in the OpenDNS servers and everything started working again.
Since that time I've done some un-scientific testing and found that OpenDNS's servers are consistently faster than m
Re: (Score:2)
This part interested me. All things being equal, you'd expect your ISP's server would respond more quickly because it's fewer hops away. However, all things are not equal because of the nature of OpenDNS. Specifically, I would assume that OpenDNS has many m
Re: (Score:2)
I have not run my own caching DNS server on my own home network.
We have plenty of customers that we support who are running their own DNS servers simply because they're using Active Directory. These days we'll typically use OpenDNS's servers just because it is one set of numbers that works regardless of who the ISP is... But I haven't really noticed much difference between using OpenDNS's servers over the local ISP's servers once you've got your own DNS in-house.
However... Given all the other issues I've
Re:Privacy for what? (Score:4, Interesting)
My real concern with Google DNS is privacy. Your DNS records are extremely valuable to google, so I sincerely doubt google is not going to record them.
I'm not even entirely convinced about the benefit of using google's; your local DNS server hierarchy is going to be far more responsive, even if it does have a higher miss rate.
So what you are saying is, you are upset at the idea of google logging your dns traffic, yet NOT upset with the idea of your ISP logging your DNS traffic and selling it to google?
Because google only gave you a legal document stating they wouldn't record your traffic longer than 48 hrs and would not tie those results with any other google service. You know, a legal document that you can use in court.
Your ISP has provided no such document, and as you admit to sincerely doubt google would avoid doing what is now illegal, so you must equally doubt your ISP would avoid doing it too, probably more so since your ISP likely has no such legal document.
Sounds to me the only way you can sleep easy at night would be to switching to google, and letting your doubt rest easy knowing you now have the law on your side, and moving away from your ISP that most likely IS (and if not, could legally do so) what you are so worried of.
I don't really get it. (Score:2, Insightful)
Yes, it might be useful for people whose ISP DNS server is slow. That didn't happen to me since my dialup days. Besides, now I simply run my own caching DNS server. It's not hard to set up at all.
Re: (Score:3, Interesting)
Re: (Score:2)
You need to be more clear about how this caching might actually take place; there is no magical program that would do this...except for a DNS server. On Linux you could be talking about nscd, but this doesn't necessarily abide by the DNS caching protocol correctly.
Re: (Score:2)
"You need to be more clear about how this caching might actually take place; there is no magical program that would do this...except for a DNS server."
In Windows, I believe it's called the DNS Client service, on OS X it's called lookupd.
A.
Re: (Score:2)
>Why waste the power? A personal use DNS server is a waste;
Who is proposing a physical box? Just run bind as a service. How much cpu power is that thing using? Honestly? Pennies a month to run the service?
Windows users can use the bind win32 port or Treewalk.
Re: (Score:2)
Guess where your caching DNS server gets its feed.
Re: (Score:2)
[a-i].root-servers.net
Re: (Score:3, Insightful)
This also helps in situations where your ISP is highjacking responses stating that a domain doesn't exist, and rerouting them to a search engine.
It's all very well having that happen for HTTP requests, but it can cause havoc with things like e-mail.
Re: (Score:3, Interesting)
Yes, it might be useful for people whose ISP DNS server is slow. That didn't happen to me since my dialup days. Besides, now I simply run my own caching DNS server. It's not hard to set up at all.
I wonder about this myself. Google is a marketing company so you would generally expect them to always appeal to the widest audience possible. As valuable as DNS service is, it's also not something that average users care about or think about. Most users who are dissatisfied with their DNS performance would say "the Internet is slow today" and not "I am experiencing unusually high latency from my ISP's DNS server". This is just a guess but they seem to be targeting two broad categories of user:
Yeah, sure, give them even more information (Score:4, Insightful)
I find it amazing that nobody seems to notice that adding an ECHELON [wikipedia.org] and a DCS1000 [wikipedia.org] feed to Google is making it like the NSA, but where people actually VOLUNTEER data. In addition, it's Terms of Service [google.com] give it more legal freedom to use and abuse your information and intellectual property than even the US border control can with accessing laptops of people entering the country.
It appears 8+ years of indoctrination is paying off big time - nobody appears to remember that privacy is a basic right [un.org]. All it takes is some BS about "not being evil" for people to miss the shocking depth to which they can access all your personal data. Even the stuff they don't hold themselves will come up through the search engine. By matching up DNS records they will be able to add your entire Internet activity to your identity.
That's going to be fun when you catch some sort of virus downloading porn - and the next time you apply for a job..
Re: (Score:2)
Sometimes freedom isn't about saying no, but about the fact that you can. I can't say no to the border patrol, I can to Google.
More relevant, I have knowledge of the border patrol misusing their power and little evidence that they've actually helped me in any concrete manner. The revese holds for Google.
Re: (Score:3, Insightful)
There's a very big difference between "government forcibly taking data from me" and "voluntarily giving up data to Google in exchange for services".
Furthermore, I simply don't care and never have. You, along with others who raise concerns about privacy interests, miss that very basic possibility. Most people just don't give a damn.
Re: (Score:2)
"if you have nothing to hide, then there isn't an issue"
Oh dear, so you post your salary and full bank statements on Facebook, leave the curtains open at night and never close the bathroom door to take a leak..
Universal declaration of human rights, article 12. Read it.
Re: (Score:2)
Re: (Score:2)
That's exactly my point - I *know* the value of my data because it's my job, and you won't catch me using Google for anything more than searching (usually via Scroogle).
That was indeed the whole argument behind my remark: look, more data you hand off - which implies I won't. I resolve in a country where data protection is very strong, so anyone wanting to use those records will still have to follow proper process. I am perfectly OK with someone having access to that data for defendable, legal reasons.
I'm
Uncaged (Score:2)
Ahhh... freedom. Finally I can view YouTube from work. That's Google! ...until the network admins block these DNS servers...
Freedom for a day is better than no freedom at all!
Re: (Score:2)
If you wanted to block outside dns, why would you blacklist instead of whitelist? Any decent firewall should be able to block DNS requests leaving the network except from the local dns server.
Re: (Score:2)
They fail at more than that.
Google DNS Benchmarks (Score:2, Interesting)
Limited privacy problem for cached routers (Score:4, Insightful)
So I am giving Google DNS a try on my networks.
I do not see the privacy issues, as they are very limited if you are using a cache on your router with Google as the DNS server. Google gets to see one lookup, and then my home router (with dnsmaque) serves any repeat visits for me or the other computers on my network. For the majority of the sites I visit on a regular basis, my router provides the DNS.
I would suspect that a majority of people using home routers have some sort of cache now in the firmware that does similar work, in their OS, or their browser. It is not like Google is able to see me hit their DNS (although I am sure that is true for some users), every time I want to visit a site again. It is of little value, other than in the most general sense of determining what sites are popular.
Everyone will have a web presence (if not already) (Score:2, Interesting)
Already banned in China (Score:3, Informative)
Re: (Score:2)
Think about it this way. You know, given the Chinese obsession over the number 8, there must be some way to make better and more profitable uses of 8.8.8.8, so they have reserved that.
% of users that don't use DHCP assigned DNS (Score:3, Interesting)
What percentage of total users use DNS that is not assigned from their ISP? I would guess a good percentage of the /. crowd uses a DNS that is not assigned via their ISP. But out of the total population of internet users, using non-IPS DNS servers has got to be pretty small.
Re:Jenny (Score:4, Funny)