back to article Taiwan government to block Google's public DNS in favor of HiNet's

The Taiwanese government intends to block Google's public DNS service, citing cybersecurity concerns. The question is whether those concerns are the government's or its citizens', with the government pushing its own DNS service – a setup that is typically used to spy on people's internet communications. The announcement comes …

Better tell the Australian government quickly, we don't want to be left behind with all the insecure people who can say or do - anything! Unchecked! Such horror! I do hope our betters protect us, for our own good.

5
1

China (PRC) vs China (ROC)

"Mainland" China (People's Republic of China (P.R.C)) has the Great Firewall (GF), China (Republic of China (R.O.C)) aka Taiwan as far as I am aware has a fairly open internet policy currently.

China Telecom is probably the same China Telecom in PRC which is PRC owned, if so this does become interesting as it seems PRC may be trying to introduce the GF into ROC.

Also bypassing the GF by using alternate DNS settings or host files with the appropriate IP addresses has not worked for over 2 years and many DNS IPs seem to be blocked.

0
0
Bronze badge

Re: China (PRC) vs China (ROC)

ROC probably get hacked, spoofed, etc extremely frequently by PRC and this looks like a ROC.gov attempt to thwart a lot of that. Can't say I blame them. As far as I know PRC's China Telecom isn't allowed to operate in ROC.

2
0

Re: China (PRC) vs China (ROC)

HiNet is owned by Chunghwa Telecom (literally “China Telecom”), not China Telecom (the mainland Chinese company).

Also the restriction seems to apply to government organizations only, as suggested by the presentation’s (https://web.archive.org/web/20170511071223/http://gsn.nat.gov.tw/upload/news/15b89122ee100000b603.pdf) title “政府機關 DNS 主機安全設定相關說明及常見問題”.

1
0
Silver badge

Good News

Let me recommend OpenNIC. Non-logging and democratic.

3
0
Silver badge
Stop

Re: Good News

Let me recommend OpenNIC. Non-logging and democratic.

And soon to be blocked?

1
0
Silver badge

Re: Good News

Not so easy to block. There's no fixed IP since many people operate servers. You could do so too if you are interested in joining. You can also just run your own without making it public. That's what I do. Another benefit of OpenNIC is that you can get free domain names, and even start another TLD if you are ambitious. We resolve our own as well as ICANN's.

2
0
Len
Thumb Up

Re: Good News

Exactly, despite the stated reason to get people off Google DNS is perhaps a bit dubious, I wouldn't touch Google DNS with a bargepole. Why would I voluntarily provide Google information on every single site I visit, every email server I contact, or every messaging service I use?

I have set OpenNIC servers as the DNS servers in my home router and all my devices (and those of my visitors) therefore use OpenNIC DNS data. The only thing it doesn't work for is Android phones (should a visitor have one) as they have Google DNS hardcoded.

2
0

Re: Good News

" The only thing it doesn't work for is Android phones (should a visitor have one) as they have Google DNS hardcoded."

I've never seen an Android ignore DHCP DNS server settings ?

2
0
Bronze badge

Re: Good News

Put a NAT in your firewall that redirects all google DNS IPs to OpenNIC IPs. Android devices on your LAN will now use OpenNIC for DNS resolution.

0
0
Silver badge

Security?

There is no security reason.

However, privacy?

0
0

Entirely misleading

I've just checked the source link. The GSN is only used by governmental departments.

If only you could ask someone who can actually read Chinese to verify the information, before concocting up this fear-mongering piece...

5
0

Re: Entirely misleading

We did asked someone who "actually reads Chinese".

And the piece states repeatedly that it is the government network.

It also digs into the fact that HiNet customers - not government employees - had some unusual problems with its DNS earlier this year.

We also supplied the source link.

Thanks

1
1

Re: Entirely misleading

So what's wrong with an organization restrict their online equipment can only use their own DNS service? Many companies are doing this, can also have benefit on using some internal customer domains for easy accessing internal tools...

0
0

Re: Entirely misleading

"I am Taiwanese, I actually read Chinese"

我是台灣人, 我懂中文

I also have a link states that AT&T users have issues with google public DNS server last year.

https://mailman.nanog.org/pipermail/nanog/2016-July/087072.html

So, maybe AT&T is also building GFW for US government ?

1
0
Silver badge

This could have worked 10 years ago.

Surely DNSSEC and associated record-pinning will make this just stop lots of website etc. working entirely?

0
1

"router overload"

$ telnet bofh.jeffballard.us 666

Your excuse is: Root name servers corrupted.

0
0

It is misleading description for the Taiwan government to block Google's DNS connection service, or to review and control the content of the Internet.

Taiwan government agencies are using the Government Service Network (GSN), and the GSN does not provide internet service for citizens. For the public internet in Taiwan, the internet policy is very open without attitude. Taiwan GSN DNS settings only affect our government agencies within the internal network service.

1
0
Linux

Misleading.....

This is an entirely misleading description of that presentation. GSN, the government service network, is like the intranet of government, all government agencies must connect to this for services. It does provide its own DNS service. I don't think it is ok to let users set up an external DNS server in an enterprise intranet, so as the GSN.

I work for the government, and used to be the program manager of GSN. The internet policy of Taiwan is very open, and WILL NOT block any DNS services or in favor of specific one.

2
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017