Tell me more x
, there is a new speed test available. Give it a try, leave feedback!
dslreports logo
 
    All Forums Hot Topics Gallery
spc

spacer

Search Topic:
uniqs
3
share rss forum feed


dcurrey
Premium
join:2004-06-29
Mason, OH

2 recommendations

reply to FFH5

Re: Funny coming from a site who's business based on blacklists

Here is the difference. You pick what you don't want not some Government removing what they see fit for any reason they please.


FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5
said by dcurrey:

Here is the difference. You pick what you don't want not some Government removing what they see fit for any reason they please.

With OpenDNS you usually pick categories where OpenDNS decides which websites are in the block list. It is different than a gov't block, but not that much different.


ArrayList
DevOps
Premium
join:2005-03-19
Brighton, MA

1 recommendation

no. you can blacklist a category and if a site is in that category you can whitelist the site. final control with opendns goes to the administrator not some sock puppet in the department of justice.


DaSneaky1D
what's up
Premium,MVM
join:2001-03-29
The Lou
reply to FFH5
The real question is, at what level does the government-controlled blacklist operate? With OpenDNS, a user has to opt-in to OpenDNS's service. Does the proposed gov blacklist restrict domain resolution regardless of what DNS server you use?


markofmayhem
Why not now?
Premium
join:2004-04-08
Pittsburgh, PA
kudos:5

1 recommendation

reply to FFH5
said by FFH5:

said by dcurrey:

Here is the difference. You pick what you don't want not some Government removing what they see fit for any reason they please.

With OpenDNS you usually pick categories where OpenDNS decides which websites are in the block list. It is different than a gov't block, but not that much different.

Differences:

I can pick what to block/allow -OpenDNS: Yes -COICA: No
I can block "copyright infringement" -OpenDNS: No -COICA: Yes
Clear definition of what is blocked exists -OpenDNS: Yes -COICA: No
I can chose an alternate service/method -OpenDNS: Yes -COICA: No
Blacklist commitment is reversable -OpenDNS: Yes -COICA: No

Those differences alone seem much, much different to me.

The real issue I have is that COICA will become the new "Cease and desist" letter of the DCMA; instead of just being guilty until proven innocent, domains will be inoperable until proven innocent under COICA.
--
Show off that hardware: join Team Discovery and Team Helix

amungus
Premium
join:2004-11-26
America
Reviews:
·Cox HSI
·KCH Cable

1 recommendation

reply to FFH5
I would agree w/the blog post's assertion that the differences are "stark." The choice for a person, a business, a school, etc. to run this on THEIR network is just that - their choice.

Having no choice whatsoever, on any network, even one that you are managing, is different.

Kind of interesting to see their take on it, coming straight from a business who already knows that DNS level blocking is possible.

Even with secure DNS, and even if all the root servers play along with the proposed bill, it'll only force the hand of those who disagree and create even more havoc on the 'net.

As if all the spyware, spam, scams, let alone very evil things online aren't bad enough. Worrying about some "possibly" infringing site seems like a waste of time compared to all the seriously evil things online.


Edrick
I aspire to tell the story of a lifetime
Premium
join:2004-09-11
Woburn, MA
reply to FFH5
said by FFH5:

said by dcurrey:

Here is the difference. You pick what you don't want not some Government removing what they see fit for any reason they please.

With OpenDNS you usually pick categories where OpenDNS decides which websites are in the block list. It is different than a gov't block, but not that much different.

Holy smokes your post reeks of arrogance. Apparently you must not work in IT. There's a huge difference between what corporations, businesses, and home users can do with selecting their own sites to block and a full out government can block whatever they want while we have no choice.

As a corporation I can choose to block wikileaks if I want to, I don't need Uncle Sam telling me my workers cant view it.

Have you never heard of SonicWall or the other variants of corporate filtering? Same concept as OpenDNS. NOT the same concept as what Uncle Sam wants.
--
Edrick Smith
Independent Film & Broadcast Producer
»edricksmith.com

AlfredNewman

join:2010-03-25
Columbus, OH
reply to ArrayList
Just turn off the internet Al, we obviously don't know how to use it or so say the ISPs and the Gov. always knows what is best for us, less internets is the key.


Jason Levine
Premium
join:2001-07-13
USA
reply to FFH5
There's one big difference. If I don't like OpenDNS's categories, I can stop using them and use some other blacklist provider. If I don't like the US Government's blacklist, how do I use a different one? (Short of moving out of the country which is much harder than changing which DNS provider you use.)
--
-Jason Levine


ArrayList
DevOps
Premium
join:2005-03-19
Brighton, MA
reply to AlfredNewman
if this keeps up I will unplug the linksys and everyone will be up a creek.


Jason Levine
Premium
join:2001-07-13
USA
reply to AlfredNewman
1) Does Al Gore have to consult with the Elders of the Internet?
2) Don't you know what would happen if the Internet were turned off (or destroyed)?

»www.youtube.com/watch?v= ··· =related



--
-Jason Levine


DrDrew
That others may surf
Premium
join:2009-01-28
SoCal
kudos:20
reply to markofmayhem
said by markofmayhem:

I can block "copyright infringement" -OpenDNS: No -COICA: Yes

Mark that a big fat NO on block "copyright infringement"

If the copyright infringers off shore their DNS name registry service and downloaders use DNS servers outside of US control, like say Canada, Montenegro, Switzerland, China, or any other country.... this doesn't seem like it'll block or stop much.

It'll just make it SLIGHTLY inconvenient...
--
If it's important.... back it up... twice.


davidu

join:2006-12-28
San Francisco, CA

1 recommendation

reply to FFH5
It's entirely different. You can override all our categories, and most of our categorization is community-sourced. It's not even remotely similar.
--
We're hiring people at OpenDNS. Are you an amazing programmer?


FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5
reply to DrDrew
said by DrDrew:

If the copyright infringers off shore their DNS name registry service and downloaders use DNS servers outside of US control, like say Canada, Montenegro, Switzerland, China, or any other country.... this doesn't seem like it'll block or stop much.

It'll just make it SLIGHTLY inconvenient...

More than slightly inconvenient for MOST internet users. Maybe slightly inconvenient for those types of users who go to BBR and will work at bypassing restrictions. But this is a numbers game, and a large part of the internet universe won't bother digging up a blocked service once it is blocked.


FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5
reply to davidu
said by davidu:

It's entirely different. You can override all our categories, and most of our categorization is community-sourced. It's not even remotely similar.

Yes. I read your blog entry. And you go to great pains to explain the differences between OpenDNS and COICA as regards block lists. But it is still in your best financial interests if COICA is not passed. And most times at BBR that conflict of interest is mentioned. Just thought it should be mentioned now as well, since conflicts of interest weigh on evaluating the arguments of a commenter on a subject.


markofmayhem
Why not now?
Premium
join:2004-04-08
Pittsburgh, PA
kudos:5
reply to DrDrew
It'll be slightly inconvenient until ISP's are subject to be cops against such offshore DNS service:

(i) a service provider, as that term is defined in section 512(k)(1) of title 17, United States Code, or other operator of a domain name system server shall take reasonable steps that will prevent a domain name from resolving to that domain names Internet protocol address;

Kinda vague, it's the shadows that can be scary As-is, the offshore DNS would certainly provide access, until more money is dumped into election campaigns and the "or" in this clause is changed to an "and" and a (i)(I) paragraph is added underneath it: "Domestic service providers, as that term is defined in section 512(k)(1) of title 17, United States Code, may only allow domain names to be resolved by servers in compliance with this act."

Or something to that effect... still "free" to choose, but routing will blacklist (or whitelist) access to DNS servers. And this is where OpenDNS begins to speak with interest... loudly.
--
Show off that hardware: join Team Discovery and Team Helix


rchandra
Stargate Universe fan
Premium
join:2000-11-09
14225-2105

1 edit
reply to FFH5
I totally reject your premise.

One's own choice on OpenDNS' Web page takes << one minute. Changing a government decision blocking DNS entries takes (I'm pretty sure) at the very least, bare minimum, days, if one can even get a TRO. In the worst case it takes years of electing a different legislator and passing a law repealing another law.

Changing one's OpenDNS settings costs one such an exceedingly small fraction of one's monthly Internet access so as to call it "free," or worst case, something less than a dollar in mobile network access (if paying by the megabyte). I'm reasonably certain taking any legal action, unless you're insane and going to do it pro se, is going to cost plenty, and I can imagine at the very least, court costs.

If one changes one's OpenDNS settings, that person effectively affects noone else's DNS lookups; government altering the operation of DNS alters it for an entire jurisdiction, likely the entire nation and quite possibly globally. (Somehow I doubt Cheektowaga could do this sort of thing, but it could be any level of that, Erie County, NY, US, or global for me.)

The similarity ends (rather abrubtly IMHO) at "some other entity deciding my DNS choices." EDIT: People already do that (a large proportion of them too) when they just accept whatever is disseminated (via DHCP, PPP(oE), informational Web page, etc.) by their ISP.
--
English is a difficult enough language to interpret correctly when its rules are followed, let alone when a writer chooses not to follow those rules.


Jeopardy! replies and randomcaps REALLY suck!


DrDrew
That others may surf
Premium
join:2009-01-28
SoCal
kudos:20
reply to markofmayhem
said by markofmayhem:

It'll be slightly inconvenient until ISP's are subject to be cops against such offshore DNS service:

Unless ISPs start inspecting packets and blocking packets to other DNS servers they'll have a hard time blocking users DNS requests to other servers.

Just blocking to port 53 won't do it for long to those interested in such things. My router already allows for other ports besides 53 to be used.
--
If it's important.... back it up... twice.


DrDrew
That others may surf
Premium
join:2009-01-28
SoCal
kudos:20
reply to FFH5
said by FFH5:

More than slightly inconvenient for MOST internet users. Maybe slightly inconvenient for those types of users who go to BBR and will work at bypassing restrictions. But this is a numbers game, and a large part of the internet universe won't bother digging up a blocked service once it is blocked.

It'll be SLIGHTLY inconvenient until P2P programs, browsers, and other programs using DNS start autoconfiguring alternate DNS servers or just outright not use the default system DNS servers to bypass US restricted ones...

Going around blocked DNS certainly seems to be an easier endeavor when compared to the outright torrent blocking that some ISPs were doing a few years ago (that failed when most torrent programs went encrypted).

As has been shown previously, blocking isn't the answer... users who want it will still get it.
--
If it's important.... back it up... twice.


Edrick
I aspire to tell the story of a lifetime
Premium
join:2004-09-11
Woburn, MA
reply to FFH5
said by FFH5 See Profile
Yes. I read your blog entry. And you go to great pains to explain the differences between OpenDNS and COICA as regards block lists. But it is still in your best financial interests if COICA is not passed. And most times at BBR that conflict of interest is mentioned. Just thought it should be mentioned now as well, since conflicts of interest weigh on evaluating the arguments of a commenter on a subject.
[/BQUOTE :

How on earth is it to his advantage if COICA isn't passed? This still has NOTHING to do with what OpenDNS filters. If COICA is passed this will not in any way effect OpenDNS's business as the ONLY thing COICA is for is government control unmonitored of being able to block torrent sites. So there's absolutely no conflict of interest.
--
Edrick Smith
Independent Film & Broadcast Producer
»edricksmith.com


chimera

join:2009-06-09
Washington, DC
reply to DrDrew
Don't count your chickens before they hatch. The P2P domain is a brillaint idea, but the implementation of it will be very challenging. As of now the idea has yet to even reach its infancy so we have a long way to go before it can treat this as a viable alternative to ICAAN.

Phatty

join:2000-05-10
Saint Louis, MO
reply to FFH5
said by FFH5:

said by davidu:

It's entirely different. You can override all our categories, and most of our categorization is community-sourced. It's not even remotely similar.

Yes. I read your blog entry. And you go to great pains to explain the differences between OpenDNS and COICA as regards block lists. But it is still in your best financial interests if COICA is not passed. And most times at BBR that conflict of interest is mentioned. Just thought it should be mentioned now as well, since conflicts of interest weigh on evaluating the arguments of a commenter on a subject.

OpenDNS optional services have no relation to a government blocklist. Anyone taking advantage of OpenDNS category blocks would still want to take advantage of those blocks even if the US Government has their own lists. About the only way I can see a government block list hurting OpenDNS would be if people started moving to non US based DNS providers in hopes of getting around the blocks.


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless
reply to FFH5
said by FFH5:

More than slightly inconvenient for MOST internet users.

Not even close! You TEMPORARILY inconvenience the community of users who use the service. Think about it. The community of users who want to read Wikileaks has GROWN enormously, and access to the information has GROWN as a result of the US attempting to block it. There are now over 500 mirrors of Wikileaks (»wikileaks.ch/mirrors.html) all over the world. Why? Because the US attempted to block them. That fact alone advertised and propagated the information. Make something forbidden, make it hard to get, and people will flock to it!

What do you suppose will happen tomorrow if Facebook, Google, or Twitter are deemed subversive, and the US blocks them? Over night a fix will propagate, and another US government control will be made irrelevant. Those services will become more popular than ever!

It's called freedom, and it can't be stopped. All attempts to thwart it will only cause it to grow. I don't oppose COICA, nor do I oppose the RIAA's or the MPAA's attempts to stop P2P traffic. All it does. is further harden and streamline the technology, making their efforts more nonsensical and useless. The same goes for the US government. The more silly games they play. the less control they will have in the end. That's a GOOD thing!

Remember what Benito Mussolini said: "Fascism should more properly be called corporatism because it is the merger of state and corporate power." And we all know the ultimate end of fascists right?

Bob
--
Would you ever go over to Czechoslovakia, and marry me daughter for me?"


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless
reply to DrDrew
said by DrDrew:

Unless ISPs start inspecting packets and blocking packets to other DNS servers

Can't be done without totally disconnecting the US population from the rest of the world. Are they going to prohibit VPNs as well? Prevent folks from running a local name server on their PCs? IP block all "forbidden" sites at the gateway routers?

Total control can only be achieved by making the US a "walled garden", completely disconnected and isolated from the rest of the world. When and if that happens, the world in general will be a better place for it.

Bob
--
Would you ever go over to Czechoslovakia, and marry me daughter for me?"


rchandra
Stargate Universe fan
Premium
join:2000-11-09
14225-2105
reply to DrDrew
said by DrDrew:

Just blocking to port 53 won't do it for long to those interested in such things. My router already allows for other ports besides 53 to be used.

doesn't matter what your router uses. If eight nines percent of the Internet uses port 53, you're SOL. I heard somewhere a few ISPs are already doing this, basically using NAT so that it wouldn't matter what destination IP address I use in my outbound packets, it will get NATted to their DNS servers. They ostensibly do this, one, to lessen support calls from their clueless customers who get their DNS settings wrong, and two, to build up their cache. The only effective defense will be tunnelling to somewhere without such restrictions.

BTW...count me among the distrustful who run their own BIND instance which GENERALLY gets around ISP DNS issues, unless they do this forced NATting (at which time I can route my DNS traffic over the tunnel I have with my friend's business Internet connection).
--
English is a difficult enough language to interpret correctly when its rules are followed, let alone when a writer chooses not to follow those rules.


Jeopardy! replies and randomcaps REALLY suck!


DrDrew
That others may surf
Premium
join:2009-01-28
SoCal
kudos:20
said by rchandra:

said by DrDrew:

Just blocking to port 53 won't do it for long to those interested in such things. My router already allows for other ports besides 53 to be used.

doesn't matter what your router uses.

It matters that I can change it. Then I don't have to change anything on any device on my network to go around port 53 blocking or interception.

If ISPs were forced to block other DNS servers from being used, how would they do it? Cheap and easy is to intercept outbound calls to port 53 which is DNS. If something other than 53 were being used, they'd have to inspect packets to figure out what is DNS and what isn't. Packet inspection on such a large scale takes dedicated hardware, which is $$$$ to install widespread, so it's not likely anytime soon.

So if the quick and easy blocking or intercepts happen, the quick and easy fix is to use another port on the server and tell those who want access the new port number to use.

My router can handle such DNS server port changes if need be because some ISPs intercept port 53 and some users wanted it to be able to use alternate ports.
--
If it's important.... back it up... twice.


Jason Levine
Premium
join:2001-07-13
USA
So advanced users would be able to bypass the censored DNS, but normal users would be subject to the blocks. This would reduce the possible audience for blocked sites and all but force sites to abide by whatever rules the COICA folks set.
--
-Jason Levine


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless
reply to Jason Levine
said by Jason Levine:

If I don't like the US Government's blacklist, how do I use a different one? Short of moving out of the country .....

You can move your Internet connection out of the country for very cheap! »strongvpn.com/ Pick one of 14 countries and move to a new one every day if you like. I am a Canadian today. Tomorrow I may be Swiss.
--
Would you ever go over to Czechoslovakia, and marry me daughter for me?"


Metatron2008
Premium
join:2008-09-02
united state
reply to TamaraB
said by TamaraB:

said by FFH5:

More than slightly inconvenient for MOST internet users.

Not even close! You TEMPORARILY inconvenience the community of users who use the service. Think about it. The community of users who want to read Wikileaks has GROWN enormously, and access to the information has GROWN as a result of the US attempting to block it. There are now over 500 mirrors of Wikileaks (»wikileaks.ch/mirrors.html) all over the world. Why? Because the US attempted to block them. That fact alone advertised and propagated the information. Make something forbidden, make it hard to get, and people will flock to it!

What do you suppose will happen tomorrow if Facebook, Google, or Twitter are deemed subversive, and the US blocks them? Over night a fix will propagate, and another US government control will be made irrelevant. Those services will become more popular than ever!

It's called freedom, and it can't be stopped. All attempts to thwart it will only cause it to grow. I don't oppose COICA, nor do I oppose the RIAA's or the MPAA's attempts to stop P2P traffic. All it does. is further harden and streamline the technology, making their efforts more nonsensical and useless. The same goes for the US government. The more silly games they play. the less control they will have in the end. That's a GOOD thing!

Remember what Benito Mussolini said: "Fascism should more properly be called corporatism because it is the merger of state and corporate power." And we all know the ultimate end of fascists right?

Bob

I would agree with you on wikileaks, but theft is as much a 'freedom' as murder or any other criminal activity. Move away and you will still need to abide by laws, otherwise you are just a common criminal.


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless
said by Metatron2008:

... but theft is as much a 'freedom' as murder or any other criminal activity.

What "theft" / "criminal activity" would you be referring to?
--
Would you ever go over to Czechoslovakia, and marry me daughter for me?"