Slashdot Mirror
Google Launches Public DNS Resolver
AdmiralXyz writes "Google has announced the launch of their free DNS resolution service, called Google Public DNS. According to their blog post, Google Public DNS uses continuous record prefetching to avoid cache misses — hopefully making the service faster — and implements a variety of techniques to block spoofing attempts. They also say that (unlike an increasing number of ISPs), Google Public DNS behaves exactly according to the DNS standard, and will not redirect you to advertising in the event of a failed lookup. Very cool, but of course there are questions about Google's true motivations behind knowing every site you visit."
> They also say that (unlike an increasing number of ISPs), Google Public DNS behaves exactly according to the DNS standard.
Congratulations, this would then be the first free service that I know of which doesn't do redirect ! ;-)
I setup my own DNS but I guess it is a little overkill for the common every day user. Setting your own DNS means you have to go to the network (e.g. internet) less often because your locally hosted DNS caches the already visited sites for a TTL period of time. This is especially true if you have several computers and that they tend to visit the same sites.
Let me add that if your ISP or firewall intercepts requests to port 53, you will still be stuck with it ;-(
Everything I write is lies, read between the lines.
But I thought open recursive DNS servers were bad -- haven't you heard of DNS DDoS amplification attacks? Why would Google's open recursive DNS service be any better in this regard?
Follow your Euro bills at EBT
They state very bluntly that IP addresses are expunged from the logs after 48 hours, and that no data is shared with Google Accounts or other Google services. They still get to play with a lot of aggregated data, but this seems like a fairly non-evil way to do it. Good for them. http://code.google.com/speed/public-dns/faq.html#privacy
But it sure seems like they're getting more and more of my personal information lately. What I search for, where I surf to, with my Droid where I navigate to, my e-mails, my documents. WOW.
But why would one change to use Google's DNS? If you're technical enough and care about such, you're way better off setting up your own recursive DNS server.
Google is just datamining from DNS requests here, it's another source of information. At least with your own ISP you can reasonably think that theres no datamining going on (excluding US ISP's, of course, who serve ads on non-existing domains for their users anyway)
"To try it out:
Configure your network settings to use the IP addresses 8.8.8.8 and 8.8.4.4 as your DNS servers..."
Simple enough to remember which is great. Also - could this be used to circumvent some of the internet security at some workplaces where they seem to run a blacklist of specific sites?
8.8.8.8, 8.8.4.4.
The World Wide Web is dying. Soon, we shall have only the Internet.
Forget everyday use, but on public wifi, I'm all about this!
...but of course there are questions about Google's true motivations behind knowing every site you visit.
No there aren't. You'd have to have been living under a rock for the past decade to have any questions about their motives. It's dead simple - they want to know what people are looking at so that they can better target people with advertising thereby increasing the value of their service. In return for offering various free services, all they ask for is some information on you so that they can better target advertising that interests _YOU_. It's not rocket science - it's just incredibly effective marketing.
but they didn't want too much brilliance all in one place.
Their they're doing there hair.
OpenDNS hijacks Google searches, which could be part of Google's motivation also.
fEEL FREE TO OPT OUT AT ANY TIME.
They have a great program for that!
If I had a nickel for every time I had a nickel, I'd be richcursive!
Look.. Google's in the advertising and data aggregation business, yes. But ... there is a level of suspicion and fear directed at Google that just seems extreme. Has Google actually done something "Evil" that I missed? Or it is just paranoia? I personally think that it's much more likely that OpenDNS or my ISP would do something crazy with this sort of information than Google.
"He who would learn astronomy, and other recondite arts, let him go elsewhere. " -- John Calvin, commenting on Genesis 1
They don't publish own IPv6 records via this resolver :-(
The NTP pool (which probably needs even more NTP servers, btw) was recently changed so that the project's DNS servers return a list of nearest available NTP servers when queried. If you change your settings to use Google's DNS servers, the pool will now respond with a list of NTP servers close to Google's DNS servers, which may not be what you wanted.
Follow your Euro bills at EBT
Set up your own DNS server and point it at google's.
Then you can take advantage of your cache and their cache.
google could do us a great service by also making it available on some other port, that way we can get around the ISP interception of DNS requests.
If you're on $garbage_DNS and you're served an advertisement/search page instead of NXDOMAIN, you (or your browser's auto-search) won't search Google. For that matter, just having something like this around will discourage $garbage_DNS.
Google cares about the Internet. It's where they make their money.
The World Wide Web is dying. Soon, we shall have only the Internet.
everything resolves to Google's proxies.
Really?
You, sir, are a liar.
Cue *whoosh* in 3..2.. actually, I still don't get it. Either you're trolling because you hate Google, or there's some obscure joke that I still don't understand. I really don't get how your list of crap it requires (most of which doesn't exist or doesn't apply to DNS) is funny -- are Google known for requiring random stuff like that?
I mean, they don't even touch NX:
That's more than you can say for most ISP-level resolvers.
Don't thank God, thank a doctor!
RTFA:
Google Public DNS stores two sets of logs: temporary and permanent. The temporary logs store the full IP address of the machine you're using. We have to do this so that we can spot potentially bad things like DDoS attacks and so we can fix problems, such as particular domains not showing up for specific users.
We delete these temporary logs within 24 to 48 hours.
In the permanent logs, we don't keep personally identifiable information or IP information. We do keep some location information (at the city/metro level) so that we can conduct debugging, analyze abuse phenomena and improve the Google Public DNS prefetching feature. We don't correlate or combine your information from these logs with any other log data that Google might have about your use of other services, such as data from Web Search and data from advertising on the Google content network. After keeping this data for two weeks, we randomly sample a small subset for permanent storage.
So in other words, for less than two days, their DNS log, and nothing else, will know that a particular request was made from a particular IP. Other than that, they'll know that someone from your ISP, or perhaps from your whole fscking city, made that request -- maybe. I'm guessing they'll be looking at overall trends.
Don't thank God, thank a doctor!
disregard that, I suck cocks.
"linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
"Google Public DNS stores two sets of logs: temporary and permanent. The temporary logs store the full IP address of the machine you're using," the company said. "We have to do this so that we can spot potentially bad things like DDoS attacks and so we can fix problems, such as particular domains not showing up for specific users. We delete these temporary logs within 24 to 48 hours.
"In the permanent logs, we don't keep personally identifiable information or IP information. We do keep some location information (at the city/metro level) so that we can conduct debugging, analyze abuse phenomena and improve the Google Public DNS prefetching feature. We don't correlate or combine your information from these logs with any other log data that Google might have about your use of other services, such as data from Web Search and data from advertising on the Google content network. After keeping this data for two weeks, we randomly sample a small subset for permanent storage."
Except that Google only stores records for 24-48 hours and then deletes them and does not share the data with its ads department or any other Google services.
http://www.chaotickingdoms.com
OpenDNS is not hijacking google searches. They simply fix broken google searches.
Oh crap! I reported the Minimum time, not the average! Here is the full report:
(Min | Avg | Max | Std.Dev |Reliab%)
My university:
Cached Name | 0.001 | 0.002 | 0.003 | 0.000 | 100.0
Uncached Name | 0.008 | 0.060 | 0.225 | 0.065 | 100.0
DotCom Lookup | 0.181 | 3.984 | 4.203 | 0.633 | 100.0
OpenDNS (208. 67.220.220)
Cached Name | 0.005 | 0.006 | 0.008 | 0.001 | 100.0
Uncached Name | 0.008 | 0.066 | 0.190 | 0.053 | 100.0
DotCom Lookup | 0.009 | 0.131 | 0.198 | 0.064 | 100.0
Level 3 (4. 2. 2. 3)
Cached Name | 0.024 | 0.025 | 0.028 | 0.001 | 100.0
Uncached Name | 0.026 | 0.071 | 0.206 | 0.056 | 100.0
DotCom Lookup | 0.025 | 0.081 | 0.191 | 0.058 | 100.0
Google (8.8.8.8)
Cached Name | 0.044 | 0.061 | 0.206 | 0.038 | 100.0
Uncached Name | 0.048 | 0.144 | 0.322 | 0.075 | 97.9
DotCom Lookup | 0.069 | 0.158 | 0.261 | 0.051 | 100.0
No, but we're smart enough to realize that no one is going to pay out of pocket to provide all the services that Google does for free with no revenue model at all, not even to pay for the infrastructure servers and network necessary to do it.
I'll make you a deal. Multi-billionaire technology philanthropist that you seem to be, you set up a company to compete with Google, one that provides all that they do and that has exactly zero sources of revenue, and I'll willingly become your fanboy.
The practical situation is that there ain't no such thing as a free lunch. When Google came along, we were headed towards every web site--especially search engines and directories--pushing out more and more pop-ups, pop-unders, interstitials, graphics-heavy, annoying ads, and they changed that. God forbid any of them actually contribute back to the community in the form of numerous open source projects and free services.
Google changed all that by providing a much more customer-friendly "less is more" philosophy, and their customers have supported their efforts in a very free market-friendly way. So while you can take potshots at targeted advertising if you want, I honestly can't think of a less obtrusive and relatively harmless revenue model that can support all that Google does and how much they are contributing to advancing technology.
While I'd love for someone to volunteer to do all that Google does without making money for it, given that that's not going to happen, yeah, targeted advertising is about the least annoying way I can think of to get the bills paid and continue providing service.
Google is datamining everywhere and everything already.
When I first read about this, I immediately thought about datamining. But after another second, I figured that I would prefer Google to have this information than Verizon (where my caching DNS server currently forwards to). It is true that Google is better at datamining, but do keep in mind that whoever is providing your DNS service has the information about your DNS requests.
Another difference between Google and your ISP is that your ISP knows who you are from your IP address. So they can link DNS resolution requests to specific, named, customers. Google can't do that directly.
Prime numbers are exactly what Alan Greenspan says they are -S. Minsky