Gmail is still the best online email application there is.
I disagree, I personally prefer Zimbra's system.
Its labeling system is second to none and has been VERY useful in keeping track of all the various projects I'm working on at any time, particularly if you turn on nested labels.
Zimbra takes this a step further by supporting folders and tags.
First and foremost, Mac programs tend to come in application bundles.
All I have to say to that is - I am glad I don't have to help users find where they drag and dropped their apps (of which they can't even remember the name of) anymore.
You have very selective reading. I've clearly stated numerous times now that in practice, it essentially doesn't matter. There is no notable difference taking any effect here. You choose to ignore it, repeatedly.
That setup still consumes more power than NOT running a program, as well as CPU cycles + RAM & other forms of I/O (diskbound operations for example).
Sure, it will have an impact, but not enough to mean anything at all on my system. As noted before, it's usage didn't effect power consumption. I noted doing the equivalent configurations I do with a hosts file instead would likely increase I/O, CPU and memory due to it's lack of support for things like wildcards, thus requiring a list of every possible combination of a domain if I wanted to block it. Not to mention the fact that when I block an address, the browser gets told there is no suitable response for it's DNS query means that it doesn't even attempt to try to do a connection over TCP, and wasting browser resources.
I'm not buying your arguments have any realistic meaning on modern day computers such as mine.
Nobody's going to tell me that running more than 1 machine isn't going to eat more power, & by your running a separate DNS server there? You are.
Uhm, I said:
Only reason why the DNS server would be down on my system is if I shutdown the daemon or turned off the computer - It runs on the same system and makes little difference when it comes to performance since my Linux systems use caching DNS daemons otherwise.
In other words, no, I don't run a separate machine for DNS, my workstation has it's own DNS server setup - Which is by the way is installed and setup by default setup by the OS under the forward+caching configuration - I only changed it's configuration slightly to support read zone files for blocking domains. Turning off the daemon showed no real difference in power consumption.
There is though, & YOU DON'T DENY IT (in terms of CPU cycles used, RAM used, Other forms of I/O occurring, unnecessary layering of things onto the IP stack, & also electrical power usage & thus, HIGHER BILLS, by running your own LOCAL DNS SERVER (especially a separate machine)).
For some reason you don't understand, "Electricity wise, not enough to make any noticeable difference on my wattage meter when I turned the DNS server off." - In other words, it's highly unlikely I would see any difference in my electrical power usage. Wattage is a way to express power usage. No notable difference would mean that the numbers being returned is not showing any variance that seems any different from before.
Tell that to your utility company, above ALL else, from what I enumerated above (which you have already conceded I am correct on)...
They also use wattage measurements.
You must be EXTREMELY WEALTHY then, to be able to cavalierly blow off saving power, let alone performance dragging unnecessary & truly UNNEEDED apps like a local DNS server (& especially on another system entirely rather than just as a local service on a single machine).
According to the data I have here, there is no difference in cost for me.
I don't need to do any more
Again, I am addressing my uses, not yours.
As far as hardcodes of my favs which resolves FASTER than calling out to remote DNS servers, even safer ones like I use? That's purely up to me!
I told you I am using forwarding, not recursion with Google DNS, which means it asks Google's DNS servers for queries that aren't filtered through an authoritative zone.
I've done that MANY times on DNS servers (had to, part of the job as a network admin, but I moved onto tougher jobs, coding, about the 5th yr. of my professional career in the art & science of computing).
Listen mad Guy, I don't know why. But for some reason you think I'm advocating some solution for you, I am going to clarify, I am not. I have never made any of my posts here to imply these are solutions for you. I am highlighting why hosts is not a viable solution for me.
Ah, but you DO CONCEDE IT USES MORE POWER... period (good enough for me, you fail here & in the same stroke, prove my point for me).
Actually, I pointed out there was no notable difference. You should really be taking from that that, that if it does have an impact, it's so small, it doesn't matter. Your point really means nothing for my uses in practice and that is what I am getting at.
Ah, again - Yet, You DO CONCEDE IT USES MORE CPU CYCLES... you have to:
It uses so many more CPU cycles that I can't even get it to slow down any sorts of intensive processes on my system by any notable differences when it's on or off in practice? This is why not a single fuck is given.
First - WTF? How do you figure I need to do MORE than block a domain-hostname (major parent one) or a subdomain??
I am not talking about you.
Beg to differ - you seem to COMPLETELY AVOID THE FACT THAT BY RUNNING "MIXED MODE" & using TCPYOU INTRODUCED "callback" overheads TCP uses (whereas UDP does not).
I don't know, the overhead of packet loss and numerous rerequesting might be far worse, since a lot of that won't be done on the kernel, router level? Notable overhead that is adversely effecting everything? Not seen it either.
Such as what? Tell you what - You PROVE to me you can do more for less than a custom hosts file does & ESPECIALLY FOR LESS?? You'll have made a point!
Blocking an entire domain:
$ORIGIN example.com. $TTL 1h example.com. IN SOA (0 1d 1d 1d 1d)
Do the same with a hosts file and you have to come up with every possible combination to block every subdomain too.
Facts, are facts... that I write my own wares, & doubtless BEFORE YOU WERE BORN I'd possibly wager & did pretty damned well @ it... proof?
What I take from this is that you're saying is, you're really mad because an 'end-user' or 'script kiddy' as you put it can grasp how to configure a DNS server with little effort and cannot see your arguments being of any note in practice and you need to try to push 'authority' on the subject by posting your CV / resume.
If it makes you feel any better, I didn't remember you. But wow, u really mad, bro.
LOL, oh, really? Ok - answer these questions then:
1.) Does another layer of crap ontop of the IP stack create more overheads in electricity usage, cpu usage, memory usage, & other forms of I/O usage??
Electricity wise, not enough to make any noticeable difference on my wattage meter when I turned the DNS server off. CPU usage, not enough to even be noticed as clarified before with my compilation test. Memory usage, I'm sceptical that a wildcard in a DNS server for a specific domain is going to use more memory than inserting every single possible combination of addresses for a specific hostname in a hosts file and I cannot be assed to write a generator to test it out. I/O wise, having a really huge list because of previous reason, yeah...
Let's not forget that without this DNS server, I wouldn't have DNS caching on my system, so by removing the DNS server, I lose DNS caching too.
2.) Does DNS have KNOWN ISSUES, big ones???
Yes. However those issues do not effect me.
LMAO... oh, so reading up lists for local DNS servers doesn't take time either? Tell us another one, ok?? Man, you are MAKING ME LAUGH!
All my zones are split into separate files, although if you wanted it all in one file, I guess that works too.
And, they're harder to understand & more complex than hosts files entries (no doubt about it, as I have edited them myself more than a few times over decades).
You can do far more than a hosts file with it, so of course it's going to have more functionality. As for understanding, for me it's simple.
Your skill level in computing appears to be little better than a script kiddie/end user - after all, did YOU write your DNS server program?
Hey guys, if you don't write your own DNS server, you're a script kiddy.
You didn't read the list of problems DNS has I listed (numerous ones)... & get ready for July 9th 2012 "DNSChanger purge day" is all I can say ontop of that!
You came up with things that were not relevant to me. I'm not infected by DNSChanger for example and have not experienced issues caused by it, and I doubt I ever will. Your forgot to mention that there is malware out there, that will also modify your hosts file, as opposed to DNS server settings - Both can be equally exploited this way.
It's there though and, it's in favor of hosts files (especially once cached for sites you block in it, and even vs. B-Tree seeks up to 2 million or so records for around 20 of your favorites placed @ the TOP of a custom hosts file - do the math, you'll see).
To be honest, hosts would likely be slower for what I do in DNS. An example of doing a wildcard in hosts would require me to generate a hosts file that had very single combination of a subdomain and it's subdomains for each domain blacklisted. I'm pretty sure hosts would end up using more memory and be slower with that amount of records. Not to mention notepad would likely lock up for a good long while, considering it stalls loading file that are 1MiB, never mind larger files.
But as for the actual impact of my DNS server. I'm not seeing any time difference on my system while running a compile on one of my large projects when I turn the DNS server on or off with dig running in a bash script while loop performing a look up,
What exactly am I supposed to be crying about? I'm not seeing the impact at all on my system.
ARE YOU SETUP IN RECURSIVE MODE?
No, it's mixed mode. Any zones that are setup authoritative for blocking in the name server are not recursive, just like with a hosts file, it won't go out and attempt to resolve it and it's superior in the way that it won't even resolve an IP address, so the browser won't even try connecting to the address because it was told there was no records available for that type of query.
For anything that isn't blocked, the DNS server uses forwarding mode, using TCP instead of UDP with Google DNS.
Answer the question above, & tell us - IS IT POSSIBLE for you & are you in "recursive mode" there for your local DNS server (wasting more electric power, cpu cycles, memory, & other forms of I/O running it locally)?
By default the dns caching daemons in various Linux distros are actual DNS servers that are setup in forwarding, cache mode. I've only modified my setup to act as an authority DNS server for domains I want to block too.
Again - if so? You're DNS server can EASILY be "dns poisoned" redirected... and, you KNOW it.
Even if I switched to recursive mode, it wouldn't be vulnerable, since I have the server set to use TCP instead of UDP for queries.
Editing a text file like hosts is FAR easier... and you know it (anyone can use notepad.exe OR other text editors, after all!)
My zone files are plain text and can be edited by any sane text editor?
Aha - YOU ADMIT THE TRUTH... I love it!
The truth that I need to type out an SOA line at the top of a zone file? Oh nos.
Above all else - Ash-Fox is TRYING TO TELL US "DNS HAS NO ISSUES"?
No, I told you I don't have issues. I even explained to you in my initial post why I don't use hosts file, which was to do with the fact you couldn't have a wildcard entry.
(For the curious: I initially started using TCP because of packet loss issues on my home Internet, then later saw no need to change it as it didn't effect my DNS resolution enough to be an annoyance.)
1.) If a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 2-4 next below, & especially vs. the July 12th 2012 "DNSChanger" trojan purge that's coming soon (those folks won't get to sites if infested - I will, due to hardcodes in my hosts file of my fav. 20 sites + using BETTER filtering DNS servers (see list below))...
Only reason why the DNS server would be down on my system is if I shutdown the daemon or turned off the computer - It runs on the same system and makes little difference when it comes to performance since my Linux systems use caching DNS daemons otherwise.
2.) Custom hosts files allow 'hardcodes' of your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows - functions for "reverse DNS lookups"), &/or WHOIS though, regularly, so you have the correct IP & it's current)).
I haven't noticed the difference honestly, it's that insignificant. Maybe if I was still on a 200Mhz system though...
3.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs.
The DNS caching daemon most distros use end up being just specialized configurations of DNS servers. Sorry, I don't run my systems without a DNS cache, so I'm unlikely to see any of these benefits. Nor do I even notice any CPU usage being used up from using it?
4.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than remote DNS servers can, by FAR (by saving the roundtrip inquiry time to a DNS server, typically 30-100's of ms, vs. 7-10ms HardDisk speed of access/seek + SSD seek in ns, & back to you - hosts resolutions of IP address for host-domain names is FAR faster...). Hosts are only a filter for an already fast & efficient IP stack, no more layered b.s. (remote OR local). Hosts eat less CPU, RAM, I/O in other forms, + electricity than a locally running DNS server easily, and less than a local DNS program on a single PC. Fact. Hosts are easier to setup & maintain too.
Dig measured 1ms time for a query for www.google.com ?
5.) DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.
Sorry, I don't understand. If I made my DNS server an authoritative server for a domain to block access to the domain, how does an exploit to do with resolving, which means my DNS server will not even attempt or accept resolution for that domain mean it will get effected by that particular exploit?
7.) With DNS servers, you must prepare for learning more than
The reason why I would rather use blocking in my DNS server or software over the hosts file is because the hosts file cannot block hostnames on the basis of wildcards.
Also, a question for you, why do so many host file blocking providers use 127.0.0.1 instead of 0.0.0.0 (also can be shortened down to just '0' on many OSes, thereby saving memory) or 255.255.255.255? I find the fact the browser tries to establish a TCP connection is fairly annoying and slows down browsing more so than the addresses I have provided.
Not only are package names wildly different and inconsistent on each linux platform, but library features, header locations and even library names are all subtly different. All this means wasted time for developers and nasty workarounds in the code base when trying to compile for more than one Linux distro.
Sir, you talk rubbish. The common Linux distributions don't change what features libraries support in a given version. Library names are rarely renamed (only cases I know of are due to package conflicts). Location of header files, library locations - These are all for autoconfig to figure out when compiling a library - The developer doesn't need to do any 'nasty workarounds'.
Getting something to compile between different distros is no walk in the park, let me assure you.
So.. What's your contact info? I want to collect on your assurance policy.
I love open source, but it's built on peoples free time.
I await your citations disproving the various people paid to work on Linux were actually not paid and doing it just on their free time (yes, I'm aware there are those that do, do it in their free time, but I'm not disputing those).
What matters are the social norms surrounding privacy
Social norm is to ignore it.
if most people expect privacy
I've had enough conversations with people regarding privacy to realize that people don't even think about it, so the idea they were expecting it is ludicrous. It's the same old story, they never thought about privacy before, they see something that makes them think about it, get outraged, only seeing it from their small point of view. A logical discussion ensues, and generally the outcome is that people need to be informed about this, of which often they were in their job contract or they continue down the line of logic that would make you a social hermit if you followed it.
To go back to my well used example, an employer wouldn't be able get away with putting "we will film you using the toilet" in their policy.
I don't know... If you put it in your work contract, I'm not sure what the legal ramifications are, how are you so certain?
Uhm, isn't it obvious? Some work places may have a policy where everyone is meant to have a super level of privacy - In which cases the people making that assumption wouldn't be wrong, no?
Slashdot Mirror
I disagree, I personally prefer Zimbra's system.
Zimbra takes this a step further by supporting folders and tags.
I personally prefer Zimbra.
All I have to say to that is - I am glad I don't have to help users find where they drag and dropped their apps (of which they can't even remember the name of) anymore.
I guess you forgot to use Metro.
*middle clicks the already started Firefox pinned item*
*Firefox opens new window*
Works for me?
Pretty sure Xandros fits that description better.
When was the last time there was a massive failure like this from a major high street bank? I really cannot remember.
Not really, if your 'bank' on Bitcoin like flexcoin had issues like this, I fail to see how Bitcoin would make it work.
They've already been answered, your selective reading is preventing you from seeing them, bro.
Wow bro, your selective reading is pretty bad.
You have very selective reading. I've clearly stated numerous times now that in practice, it essentially doesn't matter. There is no notable difference taking any effect here. You choose to ignore it, repeatedly.
Sure, it will have an impact, but not enough to mean anything at all on my system. As noted before, it's usage didn't effect power consumption. I noted doing the equivalent configurations I do with a hosts file instead would likely increase I/O, CPU and memory due to it's lack of support for things like wildcards, thus requiring a list of every possible combination of a domain if I wanted to block it. Not to mention the fact that when I block an address, the browser gets told there is no suitable response for it's DNS query means that it doesn't even attempt to try to do a connection over TCP, and wasting browser resources.
I'm not buying your arguments have any realistic meaning on modern day computers such as mine.
Uhm, I said:
In other words, no, I don't run a separate machine for DNS, my workstation has it's own DNS server setup - Which is by the way is installed and setup by default setup by the OS under the forward+caching configuration - I only changed it's configuration slightly to support read zone files for blocking domains. Turning off the daemon showed no real difference in power consumption.
For some reason you don't understand, "Electricity wise, not enough to make any noticeable difference on my wattage meter when I turned the DNS server off." - In other words, it's highly unlikely I would see any difference in my electrical power usage. Wattage is a way to express power usage. No notable difference would mean that the numbers being returned is not showing any variance that seems any different from before.
They also use wattage measurements.
According to the data I have here, there is no difference in cost for me.
Again, I am addressing my uses, not yours.
I told you I am using forwarding, not recursion with Google DNS, which means it asks Google's DNS servers for queries that aren't filtered through an authoritative zone.
Cool story, bro.
Listen mad Guy, I don't know why. But for some reason you think I'm advocating some solution for you, I am going to clarify, I am not. I have never made any of my posts here to imply these are solutions for you. I am highlighting why hosts is not a viable solution for me.
Actually, I pointed out there was no notable difference. You should really be taking from that that, that if it does have an impact, it's so small, it doesn't matter. Your point really means nothing for my uses in practice and that is what I am getting at.
It uses so many more CPU cycles that I can't even get it to slow down any sorts of intensive processes on my system by any notable differences when it's on or off in practice? This is why not a single fuck is given.
I am not talking about you.
I don't know, the overhead of packet loss and numerous rerequesting might be far worse, since a lot of that won't be done on the kernel, router level? Notable overhead that is adversely effecting everything? Not seen it either.
Blocking an entire domain:
Do the same with a hosts file and you have to come up with every possible combination to block every subdomain too.
What I take from this is that you're saying is, you're really mad because an 'end-user' or 'script kiddy' as you put it can grasp how to configure a DNS server with little effort and cannot see your arguments being of any note in practice and you need to try to push 'authority' on the subject by posting your CV / resume.
If it makes you feel any better, I didn't remember you. But wow, u really mad, bro.
Electricity wise, not enough to make any noticeable difference on my wattage meter when I turned the DNS server off. CPU usage, not enough to even be noticed as clarified before with my compilation test. Memory usage, I'm sceptical that a wildcard in a DNS server for a specific domain is going to use more memory than inserting every single possible combination of addresses for a specific hostname in a hosts file and I cannot be assed to write a generator to test it out. I/O wise, having a really huge list because of previous reason, yeah...
Let's not forget that without this DNS server, I wouldn't have DNS caching on my system, so by removing the DNS server, I lose DNS caching too.
Yes. However those issues do not effect me.
All my zones are split into separate files, although if you wanted it all in one file, I guess that works too.
You can do far more than a hosts file with it, so of course it's going to have more functionality. As for understanding, for me it's simple.
Hey guys, if you don't write your own DNS server, you're a script kiddy.
You came up with things that were not relevant to me. I'm not infected by DNSChanger for example and have not experienced issues caused by it, and I doubt I ever will. Your forgot to mention that there is malware out there, that will also modify your hosts file, as opposed to DNS server settings - Both can be equally exploited this way.
To be honest, hosts would likely be slower for what I do in DNS. An example of doing a wildcard in hosts would require me to generate a hosts file that had very single combination of a subdomain and it's subdomains for each domain blacklisted. I'm pretty sure hosts would end up using more memory and be slower with that amount of records. Not to mention notepad would likely lock up for a good long while, considering it stalls loading file that are 1MiB, never mind larger files.
But as for the actual impact of my DNS server. I'm not seeing any time difference on my system while running a compile on one of my large projects when I turn the DNS server on or off with dig running in a bash script while loop performing a look up,
What exactly am I supposed to be crying about? I'm not seeing the impact at all on my system.
No, it's mixed mode. Any zones that are setup authoritative for blocking in the name server are not recursive, just like with a hosts file, it won't go out and attempt to resolve it and it's superior in the way that it won't even resolve an IP address, so the browser won't even try connecting to the address because it was told there was no records available for that type of query.
For anything that isn't blocked, the DNS server uses forwarding mode, using TCP instead of UDP with Google DNS.
By default the dns caching daemons in various Linux distros are actual DNS servers that are setup in forwarding, cache mode. I've only modified my setup to act as an authority DNS server for domains I want to block too.
Even if I switched to recursive mode, it wouldn't be vulnerable, since I have the server set to use TCP instead of UDP for queries.
My zone files are plain text and can be edited by any sane text editor?
The truth that I need to type out an SOA line at the top of a zone file? Oh nos.
No, I told you I don't have issues. I even explained to you in my initial post why I don't use hosts file, which was to do with the fact you couldn't have a wildcard entry.
(For the curious: I initially started using TCP because of packet loss issues on my home Internet, then later saw no need to change it as it didn't effect my DNS resolution enough to be an annoyance.)
Only reason why the DNS server would be down on my system is if I shutdown the daemon or turned off the computer - It runs on the same system and makes little difference when it comes to performance since my Linux systems use caching DNS daemons otherwise.
I haven't noticed the difference honestly, it's that insignificant. Maybe if I was still on a 200Mhz system though...
The DNS caching daemon most distros use end up being just specialized configurations of DNS servers. Sorry, I don't run my systems without a DNS cache, so I'm unlikely to see any of these benefits. Nor do I even notice any CPU usage being used up from using it?
Dig measured 1ms time for a query for www.google.com ?
What bugs have I experienced again?
Sorry, I don't understand. If I made my DNS server an authoritative server for a domain to block access to the domain, how does an exploit to do with resolving, which means my DNS server will not even attempt or accept resolution for that domain mean it will get effected by that particular exploit?
The reason why I would rather use blocking in my DNS server or software over the hosts file is because the hosts file cannot block hostnames on the basis of wildcards.
Also, a question for you, why do so many host file blocking providers use 127.0.0.1 instead of 0.0.0.0 (also can be shortened down to just '0' on many OSes, thereby saving memory) or 255.255.255.255? I find the fact the browser tries to establish a TCP connection is fairly annoying and slows down browsing more so than the addresses I have provided.
Sir, you talk rubbish. The common Linux distributions don't change what features libraries support in a given version. Library names are rarely renamed (only cases I know of are due to package conflicts). Location of header files, library locations - These are all for autoconfig to figure out when compiling a library - The developer doesn't need to do any 'nasty workarounds'.
So.. What's your contact info? I want to collect on your assurance policy.
I await your citations disproving the various people paid to work on Linux were actually not paid and doing it just on their free time (yes, I'm aware there are those that do, do it in their free time, but I'm not disputing those).
Sucky boss.
Social norm is to ignore it.
I've had enough conversations with people regarding privacy to realize that people don't even think about it, so the idea they were expecting it is ludicrous. It's the same old story, they never thought about privacy before, they see something that makes them think about it, get outraged, only seeing it from their small point of view. A logical discussion ensues, and generally the outcome is that people need to be informed about this, of which often they were in their job contract or they continue down the line of logic that would make you a social hermit if you followed it.
I don't know... If you put it in your work contract, I'm not sure what the legal ramifications are, how are you so certain?
My rate is 38USD an hour.
Note: I am not the ground parent
Uhm, isn't it obvious? Some work places may have a policy where everyone is meant to have a super level of privacy - In which cases the people making that assumption wouldn't be wrong, no?