 |
 vpokoPremium
join:2003-07-03
Boston, MA | Usefulness I can see how this would be useful to prevent a fake IP address from being returned by someone in the position to pull off a man-in-the-middle attack (e.g., hotspot operator). But it won't prevent that party from knowing which sites you're visiting, since they can reverse-DNS the domain name from the IP address, which they will have when you access the site (even if over SSL). | |
|
 Romney2012Defeat Obama 2012-Chg we can believe inPremium
join:2002-03-03
USA
kudos:4
1 edit | Will only work on Mac computer for now If you read the OpenDNS web site you will see the DNSCrypt software will only work on Mac computers for now. Windows later. And other devices like tablets and smartphones - who knows when. | |
|
|
| | Its only for mac for right now Per the website its only available for mac's for right now. | |
|
Reviews:
 ·Verizon FiOS
| Sadly? Keep your panties on there, karl! 
So its for the mac "at this moment". SO!
It will be out for the PC soon.
Besides, how many Mac users ACTUALLY use OpenDNS and are looking for encrypted.... hey... hmmmm... I have a mac...
--
Splat | |
|
 nwrickertsand groperPremium,MVM
join:2004-09-04
Geneva, IL
kudos:7
·AT&T U-Verse
| What's the point? DNSSEC protects your security with the use of digital signature that can ensure that you have the correct DNS results.
DNSCrypt seems to do little more than encrypt the transmission of data that is already in the public domain.
I guess this helps OpenDNS gain a monopoly on the sale of your browsing habits for profit.
--
AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 12.1; firefox 8.0 | |
|
 | vpokoPremium
join:2003-07-03
Boston, MA | Re: What's the point? Are you sure that's how DNSCrypt works? I'm not asking to argue, I'm really not sure.
Public key encryption can be used in few ways. If OpenDNS encrypts the data using a public key that you generate, and you decrypt it with your private key, that encrypts the data but doesn't confirm authenticity (because anyone could have used your public key to encrypt data).
On the other hand, if they use a private key that they generated to encrypt the data they send, and you use the corresponding public key to decrypt it, it doesn't protect the data (since anyone has the public key to decrypt it) but it dues authenticate it since only the possessor of the private key could have generated that cyphertext.
I'm not sure how OpenDNS' system works, but I would hope it's the latter. | |
|
| | nwrickertsand groperPremium,MVM
join:2004-09-04
Geneva, IL
kudos:7 Reviews:
·AT&T U-Verse
| Re: What's the point? said by vpoko:Are you sure that's how DNSCrypt works? I'm not asking to argue, I'm really not sure.
I am crudely assuming that the encrypted channel between you and openDNS is perfect.
At best, that can protect traffic between you and openDNS. However, openDNS is not an authoritative supplier of DNS data. If you use DNSSEC, then you are checking the authentication signature from the authoritative originator of the data.
--
AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 12.1; firefox 8.0 | |
|
| | | So since I use BIND9 as a DNS Server and resolver (no forwarders in my DNS server), all I have to do is enable DNSSEC in the options {}; section, am I right?
»dnssec.surfnet.nl/?p=402
I am using Debian Sid+Experimental.
--
Current Soft Phone (temp): Ekiga (ordered Yealink T22P to switch from Ekiga)
Phone System: Asterisk 1.8; Server: Ubuntu Server 10.04 with Windows Server 2008 R2 Standard as guest | |
|
|  dvd536as Mr. Pink as they comePremium
join:2001-04-27
Phoenix, AZ
kudos:4 | said by nwrickert:I guess this helps OpenDNS gain a monopoly on the sale of your browsing habits for profit.
ding ding ding. we have a winner!
--
Oh YES! let me drop everything i'm doing regardless of who it affects to deal with your petty little problem! | |
|
| Reviews:
 ·WildBlue
| said by nwrickert:I guess this helps OpenDNS gain a monopoly on the sale of your browsing habits for profit.
Now you know why they released it for Macs first. Aim for the most gullible first. Hey guys look at this. It will make you more "secure" than everybody else. You must have it!
--
[IMG]»img218.imageshack.us/img218/2636···3dg6.gif
Windows 7 Pro 64-Bit / Core i5 - 760 / GTX 460 1GB SLI / 8GB DDR3 RAM / Vertex 2 120GB SSD | |
|
| | | | Re: What's the point? mac only? How odd. | |
|
| | | | | Re: What's the point? Exactly what I thought. Why in the world would they make it for Mac only, first?
said by Sircolby45:said by nwrickert:I guess this helps OpenDNS gain a monopoly on the sale of your browsing habits for profit.
Now you know why they released it for Macs first. Aim for the most gullible first. Hey guys look at this. It will make you more "secure" than everybody else. You must have it! Yep,
That's the reason why. I'll just stick with my own DNS servers, if you don't mind. Don't like OpenDNS anyway.
--
The Firefox alternative.
»www.mozilla.org/projects/seamonkey/ | |
|
| | | |  Noah VailSon made my AvatarPremium
join:2004-12-10
Lorton, VA
kudos:1
 ·Bright House
 ·Sprint Mobile Br..
| Re: What's the point? said by cork1958: I'll just stick with my own DNS servers, if you don't mind. Don't like OpenDNS anyway. Me too. Unbound employs DNSSEC natively, it's all I install anymore.
NV
--
Adopting other people's animosity is The New Stupid. | |
|
| | |  sykl0psPremium
join:2011-06-23
Gainesville, FL | Seems like an interesting way to do a limited beta test to me. Only mac while they see how their servers respond, if all is well, let loose the windows version. | |
|
|
|
|
