Comment Re:Not surprised (Score 1) 527
The people running dns servers are probably 0.000001% of internet users....
ummm... Okay... Only that's not what the story was talking about. The story was talking about a user using a different resolver from comcast, rather than their resolver. This has nothing to do with running a dns server. There are a number of reasons to want to use another resolver, including:
- Security - Switching resolvers to OpenDNS was one of the suggested protection methods for Kaminsky's DNS flaw.
- Avoid NXDOMAIN hijacking / forgery - All the net is not the web, and NXDOMAIN hijacking breaks everything except the web (and sometimes even breaks the web too).
- Avoid outages - Outages that are caused by the provider's inability to achieve a simple task - keeping their caching name-servers up, while connectivity is still there, shouldn't cause an outage of your net access
- Alternative DNS roots
the rest are probably just infected machines... is it simply to try to get a handle on worms and malware... If the cost from malware
Sorry... what does using a different resolver have to do with malware? Yeah. I thought so.
The question is *why* do they care about filtering DNS traffic?
The reasons I've heard advanced most frequently to encourage the use of the ISP's caching nameserver are:
- Bandwidth - Though this will not impose a significant increase in bandwidth on the ISP, it can impose a somewhat larger load on the roots and TLDs. Though with the larger caching nameservers like OpenDNS this should not appreciably increase load
- Ad revenue - See above on NXDOMAIN hijacking / forgery. This is an inappropriate business practice that breaks everything except web and often breaks the web too
This detracts from their profitability only one one of their lines of business - the one where you are the product.