Google has entered the domain name resolution business, part of its ongoing effort to control just about everything you do on the net. This morning, the Mountain View Chocolate Factory unveiled the free Google Public DNS, a service that lets you resolve net domain names through Google-controlled servers. DNS - the Domain Name …
"But even if Sergey, Larry, and Eric are morally superior to everyone else in the world - which is just as ridiculous as it sounds - what happens when new leaders come along?"
Really is just another way to say:
we can't knock it now coz if we could we would
so we have to knock it into a phantasy-land that has no real relation to reality.
In other words: the fear is worse than the reality?
The product is you
"the fear is worse than the reality?"
Of course it is. People tend towards tinfoil hatting about anyone or anything they feel has more power or control than they do. Mild paranoia is quite natural, and usually quickly and easily tempered amongst most people by the simple fact that life experience will inform us that people who truly try to "take over the world" are fairly rare.
What many people fear Google “might be up to” is far more sinister than what Google actually is up to. That said, Google’s motives are plain, and they are not at all “pure and saintly.” Their motives are to maximize shareholder value. In order to do this they need to make oodles and oodles of money. Their business plan involves extracting that money from every corporation and government on the planet.
What then is Google selling? Why…you. You are the product that Google repackages and sells. Your eyeballs for its advertisements, your medical history for its healthnet, your behaviors, beliefs, media consumption, and even your loyalty. Google has built its business on selling everything about everyone to everyone else.
I try very hard not to tinfoil hat too much about it…but their reach gets a little wider every month, and I find how much information they have the ability to collect about an individual vaguely creepy. Guess some folks just aren't big on the idea of being packaged and sold.
The title is required, and must contain letters and/or digits.
>Their motives are to maximize shareholder value
One thing I've always wondered: Since google shares don't pay dividends. How do the shareholders get value beyond speculation? If Google increases profits, the share holders don't see any of it?
One does not need dividends to see an increase in value. The share price alone is all that is required. If I buy in at $50, and the share price is now $51, then shareholder value has increased.
In the olden days, you bought into a company, and the value you extracted was via dividends. In today’s world, dividends are no longer considered "good enough." Now you must have an infinitely increasing, at massive rate-of-return share price, or you are a corporate failure.
On the downside for the business man, this is impossible in the long run.
On the upside for the business man, this doesn't mean you actually have to increase the real-world value of your company. Just lie enough that your share price goes up this quarter.
Oh, did you notice the recession?
By having a DNS service they control the internet???
The article mentions three times that this DNS service gives them more control. In what way exactly? You type the name of the site and they return the IP address. They can't really get redirected to another site, right? That's something you'd probably notice ;)
Anything else interesting in this article? Nah...
...they get to know every single site you visit, even when you don't use Chrome, their search engine?
No evil in this one
Nothing evil about it. It would be impossible for them to do any evil with the data they collect.
They do however provide some very easy to remember ips which is a plus. :)
22.214.171.124 and 126.96.36.199 - too easy.
For comparison OpenDNS is 188.8.131.52 and 184.108.40.206 which isnt quite as easy to remember.
For those in Australia, the traceroutes are very interesting.
Lots of mystery routers all belonging to Google.
Think about it.......
They wouldn't control *the* internet, just the internet that all the Google DNS users see.
If you don't see opportunity for evil within that little set up, then go and sit back down with the rest of the sheeple.
And ho much did it cost them to get IP wondership of 220.127.116.11 and 18.104.22.168?!
May be safer than your ISP?
Just thinking Virgin provide a good service but are always falling over themselves to sell you out. 1st Phorm, Now DPI spying etc.
It looks like Google is not as fast as my ISP here in the UK..
Using "namebench Open-source DNS Benchmark Utility" it looks as if my ISP has outsourced to OpenDNS as well...In my testing OpenDNS was 50-83% faster with Virgin a little behind OpenDNS .
Oh using Virgins re-badged OpenDNS as you can opt-out of redirection at no charge.
Sure. And you believe that, of course. Wow. There is not a single shred of doubt in your mind that a policy that's on a web page takes a good 0.2 seconds to be updated with something that's completely different, and I bet you you don't need to sign up to use it, which means you do not actually HAVE a contract with them by which you can enforce a degree of stability to those terms.
I am astonished as to how far that simple line "do no evil" has allowed Google to invade everyone's privacy unchallenged. And the Swiss get beaten up for asking questions, instead of everyone else asking their so called Data Protection regulators why they let them roam free.
Quality - even Microsoft has never managed that.
Now, I have some *fantastic* double glazing for sale..
Gave it a try
Giving it a try now (and google wave, on google chrome), seems a bit slow if I'm honest so will probably switch back to my ISP's DNS when I can be bothered. Although google.co.uk loads up fast, and probably doubleclick (though kaspersky blocks the ads anyhow)
Sounds like they are building Skynet.
How long before the the Google Zeitgeist becomes self aware and thinks it can no longer ensure it's survival by relying on Fleshies that spend all their time searching inane celebrity keywords?
Just a matter of time before armed Street View Battle Droids are roaming the roadways with their new Face Recognition Targeting software.
Resistance is Futile!
If the machines ever become aware they'll know they'll still need the geeks for the occasional bug-fixing or developing a new feature (such as better aiming). The rest of you will be fucked, though.
It's the evolution of society: first it was ruled by warriors, then by priests, then by politicians, now by businessmen. Soon it will be geeks.
Oh, I forgot: I, for one, welcome The SelfAware One, our Lord Google !!!
ISPs that offer proper DNS are becoming rarity, so this may well be valuable to many people in that situation, or indeed to people whose ISP/country employs DNS based censorship.
On the other hand, it occurs to me that whoever provides those annoying search pages some ISPs deliver in lieu of an error message is a direct commentator to Google. Makes you go "hmm" doesn't it?
Don't let Google fool you...
First, be careful what Google says about what and how they manage collected data. If you don't trust your own government, then why trust Google?
Google doesn't have to do any landing to show value in having their own DNS server farm. They will identify who's making the requests and what they are requesting.
Imagine you like to surf for porn late at night when the kiddies are in bed and the wife's in the other room. (Not that *I'd* do that.) :-)
Now all of a sudden, late at night, even though you're not currently surfing for porn, you'll start to see Victoria Secret Ads on your browser. Fancy that.
The point is that by knowing who you are, what sites you hit, they learn more about your browsing habits beyond the stuff you search for.
Also note that with the use of NoScript and Firefox, one can always turn off the GoogleSyndication and other ad tracking scripts on a page. So they are collecting less data about you than they would like.
Using their DNS? You can't block them from collecting Data.
Google doesn't hire the 'brain trust' because they tend to have morals.
Lots of possibilities
There doesn't have to be just one DNS. We might wish it so, and predict anarchy if not, but if Google (or Bing) owned a goodly proportion of the world's name resolution, they could start selling top-level domains. Or re-assigning Murdoch-esque ones - or just failing to resolve them.
All the alternative generic DNS offerings so far do is provide an alternative _resolver_ service to the alternatives provided by multiple ISPs. Many small to large organisations and some researchers run their own resolvers too, though having a reliable always on server helps. What none of these alternatives have attempted so far is any redefinition of who runs all the much greater number of DNS _content_ servers or to change top level domains. The root domain (i.e. list of top level domains including .uk and .com and the addresses of authoritative content servers for TLDs) could also have multiple copies - it's a small file and easily obtained, and it changes infrequently. However, with a few exceptions anyone offering an alternative generic DNS resolving to different TLD or other content from everyone else would be abandoned soon by their users.
Having choice between many DNS resolving services is a good thing, because this competition will prevent legitimate offerings from going bad.
A scenario where a complete alternative DNS infrastructure might work would be in respect of a narrow class of security application - e.g. for a grassroots financial network comprising Building Societies, Credit Unions and community currencies. This could use DNSEC from the start, with those wanting their own domains resolved having to provide better credentials in order to get zone signing keys signed than your average blackmailer, 419er, phisher or identity theft artist could arrange. All your non financial applications would continue to use the public DNS through whichever resolver service you prefer and the finance applications you use that don't expose you to private banks or other assorted crooks could be preconfigured to use the non-profit financial community DNS.
Yep Folks it looks like Skynet is upon us
"Google said it is intent on expanding this infrastructure between one million and 10 million servers, encompassing 10 trillion (1013) directories and a quintillion (1018) bytes of storage. All this would be spread across "100s to 1000s" of locations around the world."
Jazus the mind boogles at googles - Self aware Machine and a non-saintly regime change
We will be fucked.
But will we notice as life goes on and we star swallowing the Blue pills
You aren't supposed to grind amanfromMars up and snort him.
Bad things happen.
Ground up manfrommars
I dunno --- (relatively*) short, snappy, to the point yet at a noticeable angle to the rest of the universe. Me likes this version.
*add this adjective as appropriate. YMMV.
One of our Martians is missing.
Haven't seen hide nor hair of our extra-terrestrial friend since El Reg ran the Hoover over the comments section. Could it be that the in-your-face "Reply" and "Report" icons have overwhelmed his sensory receptors?
faster than instant, saftey from what?
Don't like it? Don't use 'em. I never will.
Unfortunately the average consumer who is not at all savvy in the ways of the Internet and data collection tech will. Still who gives a .... isn't that what lambs are for anyway?
As much as I would like to wise up and help my brothers and sisters in the human race, and I do try, I see no problem in allowing the weak to be devoured if being chased by a shark. Perhaps this is the next stage in evolution, those who understand and can counter the threat, imaginary or not, from the likes of Google and governments go on to live relatively free and fruitful lives, while those that don't just think they do. Mind you, belief wears some very strong rose tinted glasses. Think of the children and the next generation, what they have never had they will never miss, they will embrace what we abhor with conviction.
Take that, DNS hijackers
To me, this looks like an attempt to kill off DNS hijacking --- the practice of returning bogus results for unrecognised domains. I can think of three main reasons why Google would want this:
- the bogus results usually assume the user was doing an HTTP request, and attempt to serve up a webpage pointing at some kind of search site that's not Google. By preventing this, Google starve their competitors and at the same time increase the probability that the user will go look up the site on Google;
- DNS hijacking *really is* a horrible security hole; consider someone on Gmail following a spam link to fnord.googlemail.com. The domain's not recognised, so scummy ISP redirects them to a server that masquerades as fnord.googlemail.com --- and the user's web browser happily hands the server the user's login cookie, because fnord.googlemail.com is in the same hierarchy as googlemail.com. Who gets blamed for this? googlemail.com, of course;
- Google want *everyone* to be able to access their services, and so have a vested interest in maintaining web standards; DNS is the engine that makes the web go, and doing stuff as horrible as DNS hijacking is destabilising the entire internet (as this illustrious publication has said, many times).
So I see this as a really good thing. I'm sure they *could* attempt to use their new-found DNS skills to spy on my precious bodily fluids, but really, who cares? I'm more interested in how much the 22.214.171.124 IP address cost them. Lots, I'd imagine.
Can't help but wonder if they'll start 404 hijacking once they get a significant part of the whole DNS pie? However, if they actually are honest in their intentions and actions (in this case anyway), then I can only really see good to come from a truly standard, non-hijinx DNS server.
Unlike OpenDNS, for instance.
The tracking possibilities, however, are enormous. Knowing where people go would significantly enhance their advertising targeting, and would also provide huge privacy concerns.
"Can't help but wonder if they'll start 404 hijacking once they get a significant part of the whole DNS pie? However, if they actually are honest in their intentions and actions (in this case anyway), then I can only really see good to come from a truly standard, non-hijinx DNS server.
Unlike OpenDNS, for instance."
NX redirection can be turned off on OpenDNS, if you're a paying customer (about $10 a year). Seems fair enough that they redirect you to an advertising page if you don't pay - how else are they going to make the money to support the service?
GoogleDNS and OpenDNS are two different services really. GoogleDNS is a simple replacement for an ISP's DNS servers, whereas OpenDNS gives you a lot of options (such as blocking certain types of sites and a basic level of typo-correction).
I'd definitely be very wary about using GoogleDNS though. While they haven't really shown themselves to be completely dishonest, it would obviously be of massive benefit to Google to tie your DNS requests with your AdSense data. Then again, how many of us trust Google with their e-mails?
Out of the box OpenDNS does redirect NXDOMAIN replies to their search page rather then give the NXDOMAIN response. However if you don't want the typo correction and shortcut services from OpenDNS then you can disable these and get the NXDOMAIN response instead.
They don't make it obvious you can do this though.
Hey guys, so, who can't wait for Google to tell me what does and does NOT exist on the internet? Why of course, Google, you couldn't have shut down studiobriefing.net because it never existed in the first place - at least according to you!
Repeat after me: Too much control in one place. Too much control in one place. Too much control in one place.
People don't seem to realize that dystopia exists NOT because it was forced down our throats but because WE ASKED FOR IT.
Google is evil. Government is evil. It's time we throw our cards in with the less evil of the two to stop the one that is truly venomous. It's just far too bad that Google has Obama's ear - looks like it'll take the Big "G"s that make up the European Union to split Google at the seams.
Step back now and think
Yes, I think Google are great as a search engine. Yes they do some very interesting things with software. Yes, some of their services are good. The world's largest search engine running it's own DNS servers? Hmmm, just a little too uncomfortable with that.
But hey, this is Uncle Google right? Google is everyone's friend, they won't hurt anyone or do any thing nasty!
Google are a company, OK? Google are in business to make money! That is all they exist for, to make their owners bucketloads of spondoolics! Nothing more, nothing less! They might do this by making it seem like they are everyone's mate, giving away free software and services, but they still make absolute ****-loads of cash doing it.
Just like these Apple fanbois. Uncle Steve is not Mr Nice, he's a businessman, with a knack for hiring talented designers and marketers, he is not everyone's favourite uncle and best mate, he is a ruthless businessman working in a cutthroat business. Just like Serg and his mate!
You lot do know Google also runs their own PayPal style service too?
They know what you went looking for.
How many places you went looking for it.
How much you paid.
They did the cash transfer to buy it.
They store the details about your online life in their office software.
They know all about your contacts you talk to.
They know who you bought gifts for.
Google probably now knows more about you than your closets friends and partners, scary isn't it?
OpenDNS ad-laden pages
Aren't they opt-in?
They're at least opt-out-able 'cos I sure as hell haven't seen a single ad-laden response to a mistyped url since I set-and-forget OpenDNS several years ago.
I just don't trust Google on this one.
I can't see any opt out/in in the OpenDNS dashboard. There are definitely ads on the redirect page you get for blocks, however on the redirect page for typo correction it shows a search engine with no overt ads.
They do look to be tracking the clicks on the search engine results though, I have disabled the typo corrections now anyway.
It has been a while since I read snowcrash but google sounds more and more like the media mogul from snowcrash to mo.
probably not a good thing.
Conjoined or Dust
Google is obviously raising cash for one goal only- to build a separate network and nurture conditions so that when the technology for mind to mind communications is ripe, they will be ready to harvest it. Combine this with the quantum nature of our consciousness (ORCH OR) and the culminating emergent species will leave homo sapiens in the dust. So stop your whining, we are all doomed. It will be Google or someone else but it is inevitable. This isn't Skynet this is GodNet.
A hat tip to one of my fav authors, Alastair Reynolds.
They just want more cash
Or at least to keep more of it.
You see. Once people become super rich, they go a little Howard Hughs. The only way to prevent people from stealing from you, is to control everything.
Comcast, Road Runner, and other ISPs have landing pages, where they redirect their users who have mistyped/unresolved URLs. These landing pages contain (surprise!) paid ad's.
So google winds up writing a check to some ISPs every month. Google !hates! writing checks... In google's view, these ISP's are stealing money from them.
Then there are the people who use the address bar as their search engine. When the ISP redirects these people to the ISP's own search engine... They are stealing eyeballs/clicks/market share/more money, from google.
If google allows people to become accustomed to this, it will lead to bigger and bigger checks being sent out. The ISPs could even (gasp!) allow bing/yahoo/etc, to provide the search results.
But if google gets people to use their DNS, they preempt the ISPs cash grab.
What is Google good for?
Every day we hear something about Google this or Google that, Googles taking over this or that, now we've got the GoogleDNS stuff, great :( Not.
Google has done some great things, their maps are awesome, gmail has been my personal mail address since it was by invite only, I like the iGoogle page for quick reference, and their search engine is better than anything else out there (anyone remember WebCrawler?)
But that's as far as my usage goes, I won't rely on them for DNS, I'll stick with my ISP for that, and IF my ISP switches to Google, well, I'll find something better.
We all know that these guys make their money through adverts, simple, and how much better is it if they have the DNS servers tracking IP addresses and frequented IP's? ALL YOUR AD BELONG TO GIS
All anyone has to do is say NO to stuff that can take over lives, i.e. Android, Chrome, ChromeOS, DNS, and all will be right in the world.
What have Google ever done for us?
APART from "Google has done some great things, their maps are awesome, gmail has been my personal mail address since it was by invite only, I like the iGoogle page for quick reference, and their search engine is better than anything else out there (anyone remember WebCrawler?)"
What about the aquaduct?
For the last 10 or so years I have been running my own local recursive DNS server because I do not trust other people to be capable of running a DNS server.
The reasons are:
1) Reliability - You'd think ISPs could run working DNS servers, this is the reason I started running my own initially.
2) Security - There's been numerous DNS cache poisoning exploits over the years, by running my own DNS cache behind a firewall I manage to avoid a lot of them (not all).
3) Hostname filtering - DNS is not the place to do hostname filtering, and recently ISPs in many countries have started implementing block lists at the DNS layer, either at the behest of government or of their own volition.
Google could certainly manage to run a reliable and secure DNS service (certainly better than most cash strapped ISPs). When it comes to hostname filtering they'll probably cave in to governments, they have quite a bad track record on this.
However anyone who's ever run a tcpdump for DNS traffic knows quite how much about your browsing habbits, and even what software you have installed leaks out on to the internet. Google already has enough data about your browsing habbits, why give them even more.
get an account, disable hijack, job done... it's still free.
Does anyone else see the possibility for some malicious hacker to take down the entire Internet?
Google has those 2 IPs (which are really decent by the way) and let's say in a couple of years 50% of the population are using their resolvers.
If someone DDOS's those IPs, it will kill the Internet for that 50%.
You could say "the people that use those resolvers are going to be in the minority" but 10-15 years ago did you "Google"? I certainly didn't. I do now - a large number of times a day.
You could also say "yeah but behind those 2 IPs there'll be a huge number of servers" - true, but look at Facebook/Twitter - they've probably got somewhere in the region of hundreds of servers, and they managed to get taken down by a DDOS attack not that long ago.
I can also see it being pushed on oblivious people by their ISPs who suddenly realise "hey, we don't need to run our own resolvers now." So for every new customer, they post out a router pre-configured with 126.96.36.199 and 188.8.131.52.
Google already have much more traffic and routing capacity than any likely DDOSer can throw at them. True, they might not want the largest likely DDOS to be thrown at the pair of resolver IP addresses directly. But this wouldn't happen. All Google would have to do would be to identify originating abusive addresses and address blocks dynamically and block these from coming into the Google network at their border routers. This would be more generally disruptive for customers of ISPs not implementing RFC2827, but having customer pressure forcing their own ISPs to implement RFC2827 would be a positive outcome.
No adds on my OpenDNS pages
Been using OpenDNS for years, I have a (free) account with them and no add pages.
What I do get is the ability to trap certain requests and send them to a blocked page. Its a poor mans firewall, but it does the job for the children.
So this is a solution to a problem that doesn't exist.
...Soon to come; the Google ID Card
Just think of the endless possibilities for capturing data and profiling more of the public's habits, interests, health, shopping, house selling, car journeys, email friends, content of your documents, spreadhseets, pictures of your families, mobile phone calls, activites on your Google OS, complete surfing experience from your DNS... why invest in all of these systems when a simple Google ID card for all memebers of planet earth would solve the problem?
The insidiousness of this should begin to alarm governments not just the public. Too much data in the hands of one company, especially as there is no oversight of data usage, is threatening. Perhaps it is time to see if the EU commissioners should be looking at the privicay and intrusion aspects of one company having access to all of this data.
.... however that said, and just to be safe from the storm troopers at midnight, I want to be one of the first to welcome our Googleplex Overlords, declare myself a citizen of the Google republic and shout 'down with privacy, long live the revolution!'
People really do need to WAKE UP ! ! !
One. twice, three times BS
<google>some complex pages require multiple DNS lookups before they start loading," reads a blog post from Google product manager Prem Ramaswami. "This can slow down the browsing experience</google>
1. Yes every day I must lose a total of under 500 milliseconds of my life waiting my ISP's DNS server.
2. DNS lookups are typically cached locally on your machine. You would only get any [undefined] 'benefit' of the Google DNS on the first call. Unless you're bouncing around different sites constantly that amounts to less than diddly.
3. "some complex pages require multiple DNS lookups": yes - those would be the crappola ad / google tracker loaded sites. Ad Block anyone? [but remember to inspect and edit the default whitelist!]
Not before time
I recently spent half a fecking day, struggling to understand some garbage that was returned in a call to a webservice. Had to get on the phone, talk it through with the service provider ... finally it dawned on us ... the URL was mistyped in our db, and instead of getting an error (which the code would have flagged up) my ISPs DNS resolution was "helpfully" returning a page flogging domain names. So no error, the code was trying to parse and HTML page.
ISP is BT openworld btw.
sky = more evil?
I've just tried to change the DNS settings on the router supplied by (the otherwise excellent) Sky only to discover that they are preset and cannot be changed. I've rung the Sky helpdesk and they've confirmed it - the DNS servers used by Sky cannot be altered other than by using your own router (which isn't supported....).
Murdoch is a canny bastard.
You don't have to config DNS through your router
Easiest bypass is to configure all your internal machines to use static IPs in the range supported by the router typically 192.168.1/24 so they don't get DNS addresses through DHCP. Then get them to point to your chosen DNS resolver directly. Even better find an open source firmware compatible with the Murdoch owned router (if there is one) which doesn't brick or disconnect you.
Your requested website will follow shortly...
...right after a few words from one of our sponsers...
We could just
Rename it the googlenet
It's all in the wording...
"We don't correlate or combine your information from these logs with any other log data that Google might have about your use of other services, such as data from Web Search and data from advertising on the Google content network."
Notice the key words "from these logs". Think about that for second. It means that live, "on-the-fly" correlations, or correlations made with the data *outside* the permanent logs, is not denied.
You almost had me fooled, Google. Nice one.
Surely Gooogle's "speed" argument is completely bogus? I currently have a fault on my broadband (THANK YOU PLUSNET) making everything really, really, really slow, but time for DNS resolution is still negligible.
If you really wanted to speed up browsing, you'd ban Adobe Flash.
I can see where this is going though. The Gooogle Chrome appliance will have the DNS servers hardwired with no option for the user to change them.
- Nokia: Read our Maps, Samsung – we're HERE for the Gear
- Ofcom will not probe lesbian lizard snog in new Dr Who series
- Kaspersky backpedals on 'done nothing wrong, nothing to fear' blather
- Episode 9 BOFH: The current value of our IT ASSets? Minus eleventy-seven...
- Too slow with that iPhone refresh, Apple: Android is GOBBLING up US mobile market