Follow Slashdot stories on Twitter


Forgot your password?

Comment Re:If OpenDNS Is Evil, Why Aren't Admins? (Score 1) 175

The notion that OpenDNS is evil because they run ads is juvenile. So is the notion that they're evil because they keep logs and records. Name me a Unix system or any provider of any kind of Internet services that doesn't keep logs and records.

The point is that they hijack both your NX responses and google searches without telling you either upfront. They broadly advertise Web Content Filtering, Phishing Protection, Zero-Downtime Network, Faster Internet, Statistics etc. but not a single word about ad injection or google hijacking.

If you have no privacy concerns about a third party monitoring your google queries then that's fine. But I guess most people would at least prefer to know.

Comment Re:I Don't See A Scam (Score 1) 175

There are public resolvers that you could use, for example (google will find you more).
If you're on a unix OS you could also install a local resolver like dnsmasq or dnscache (part of djbdns). The distro packages usually come with a reasonable default config, thus it's mostly just a matter of installing the package and editing your /etc/resolv.conf - a one minute task.

Comment Re:Do not use OpenDNS (Score 4, Informative) 175

and add extra features to decades old service without breaking standards.

But they are breaking the standard. In particular rfc2308,

under 8:

Negative caching in resolvers is no-longer optional, if a resolver
      caches anything it must also cache negative answers.

      The SOA record from the authority section MUST be cached. Name error
      indications must be cached against the tuple .
      No data indications must be cached against tuple.

Note the absence of statements like "lookup failures should silently map to A records that point to webservers serving spam".

Comment Re:I Don't See A Scam (Score 4, Insightful) 175

Sending a raw error code to 99 percent of Internet users is bad service. Better to catch the code and deliver a plain language message.

Guess what browsers and web-proxies have done for, umm, 10 years? Mine says "Name Error: The domain name does not exist". What could OpenDNS possibly add to this simple message, other than their spam?

Short of running their own DNS, what's a better approach?

Better approach to what?
Why not just use your ISPs nameserver?

Comment Re:Do not use OpenDNS (Score 1, Informative) 175

How are they scam operation?

They're providing a near-zero value product, spam you with ads in dubious locations (NX) and collect a lot of personal data with borderline phishing methods (google proxy) without announcing either of that clearly upfront.

And if you are concerned with worm infections, why not run OpenDNS + IDS + Antivir?

Because OpenDNS provides no added protection? The other two are plenty sufficient while nobody knows whether the OpenDNS detection is reliable nor whether they will bother to add detection of future worms etc.

Remember many phishing toolbars claim to protect you against other phishing toolbars. OpenDNS is running the same model here.

Comment Re:Do not use OpenDNS (Score 4, Insightful) 175

Agree'd. The "Open" in their name is misleading. In reality many consider OpenDNS to be a scam operation.

Furthermore nobody should rely on a DNS provider (of all things!) to report worm infections. The idea is so wrong, it reminds me of the TV scams where they want to sell you a worthless product, bundled with 5 other, totally unrelated worthless products. "Buy this quality home-trainer for only $499 and you'll get this USB-stick, a bar of soap, two lightbulbs and a chinese ipod-knockoff, for free!".

If you're concerned with worm infections then you run antivirus software and maybe an IDS (e.g. snort) on your internet gateway.
Both will report malicious traffic much more reliable than OpenDNS because that's what they're designed to do.

Slashdot Top Deals

I judge a religion as being good or bad based on whether its adherents become better people as a result of practicing it. - Joe Mullally, computer salesman