Beating Censorship By Routing Around DNS 216
jfruhlinger writes "Last month, the US gov't shut down a number of sites it claimed were infringing copyright. They did it by ordering VeriSign to change the sites' authoritative domain name servers. This revealed that DNS is subject to government interference — and now a number of projects have emerged to bypass DNS entirely."
Stupd move (Score:5, Insightful)
Re: (Score:2)
Re: (Score:2, Interesting)
You have got to be kidding. Don't forget that the UK lost India because of freedom of the press. The public read about violent crack downs and sided with Ghandi. Freedom of the press did not suffer.
Contrast to the US military, which believes that Vietnam failed because of the media. So they start their own manage-public-perception operation to ensure the success of their missions. We can all see how that is going.
Th
Get back in your Free Speech Zone (Score:5, Insightful)
Which is unfortunate because historically we've had a much better record on freedom of speech than most other countries,
Historically, meaning what? thirty years ago? Now we have special places where you can go to protest and no one will have to hear you. We have laws against saying bad things about food, [wikipedia.org] for crying out loud. Free speech is for the rich. If you own a media empire, you have some semblance of free speech. Otherwise, you only have freedom of speech until you say something that someone with money and/or power doesn't like.
Re: (Score:2)
Historically, meaning what? thirty years ago?
I think you are failing to understand the word 'Historically' correctly. If it were thirty years ago that we stopped really believing in free speech, his statement would still be correct.
Re: (Score:2)
I merely wish to emphasize that our freedoms of speech have been under constant and successful attack for quite some time not. Sorry if my wording irritated your inner pedant.
No laws against saying anything (Score:2)
You can say anything you like, and will never be arrested.
You might (might!) be sued, since that is what that law is about. But it's not specifically against the law to say anything you like.
Re:No laws against saying anything (Score:5, Informative)
Unless you try to protest at a political rally and refuse to go to your assigned Free Speech Zone out back by the dumpsters. But technically, you are right. You won't be arrested for 'speaking out.' You will be arrested for disturbing the peace or some other trumped up charge.
Re: (Score:2)
You can say anything you like, and will never be arrested.
Sadly, no. Hate crimes, criminal threatening, leaking government data, etc.
Re: (Score:2)
I'm sure there are quite a few places I can say something that gets me arrested. The airport comes to mind, as does the local courthouse.
Re: (Score:2)
We have laws against saying bad things about food, for crying out loud.
Those laws are against libel. You can say bad things against food it those things are true, just as you can say bad things about people if they're true, but you can't publicly lie maliciously about someone without fear of being sued for slander.
It's perfectly legal to give an opinion, as well. It's perfectly legal to say "I think Oscar Mayer hot dogs taste like shit", but if you say "Oscar Mayer hot dogs contain shit" then Oscar Mayer wo
Re: (Score:3)
It's perfectly legal to give an opinion, as well. It's perfectly legal to say "I think Oscar Mayer hot dogs taste like shit", but if you say "Oscar Mayer hot dogs contain shit" then Oscar Mayer would be perfectly within their rights to quash your lies.
Why? Their natural casing hot dogs are made from intestines, and even though the inner mucus is removed and they're well washed, will occasionally contain minute quantities of, ehrm, intestinal material.
Re: (Score:2)
Perhaps hot dogs weren't the best illustration. Potato salad, maybe?
Re: (Score:2)
Re: (Score:2)
Very useful shit, indeed.
But anyhow, what seems wrong is that for slander or libel against a person, there has to be malice, while for slander or libel against a company or their brand, that doesn't seem to be required.
The laws seem to favor coprorations over individuals. I wish we had justice instead.
Re: (Score:2)
Walk into an American courtroom and yell " I think this judge is is a corrupt piece of shit". Can you guess what happens?
Good luck expressing your opinion vs. a judge perceiving contempt.
Re:Get back in your Free Speech Zone (Score:5, Insightful)
"We have laws against saying bad things about food, [wikipedia.org] for crying out loud."
No -- no we don't. We have laws against deliberately and knowingly spreading false negative information about food products. But I don't expect that to get past your Slashdot mental filter.
Hahaha, oh, that is rich. Try saying that rGBH is bad. Heck, try marketing milk that is rGBH free. By claiming that your milk does not have bovine growth hormone, you are saying that bovine growth hormone is bad. And you will be sued.
Did you know that the standards of proof are different when you are being sued for badmouthing
food than when you are sued for badmouthing a person? When you badmouth a person, that person has to prove your guilt. When you badmouth food, you must prove your innocence.
I will repeat that. When you are sued for saying bad things about food, you are presumed guilty and must prove your innocence.
Re: (Score:3)
The bottle of milk in front of me (that was bought in a typical american supermarket) says, in the second largest letters on the label, and at the top of the label (their capitalization):
From Cows NOT Treated With ARTIFICIAL GROWTH HORMONES*
And then in the tinyest print on the label and at the very bottom:
*No significant difference has been shown between milk derived from rBST treated and non-rBST ttreated cows
Bought from the local supermarket in a typical American suburb.
So you are full of shit.
Re: (Score:2)
Well, I guess if you include a disclaimer that negates any reason for even including the original statement, you can say that. But you have to include the disclaimer.
Re: (Score:2)
Who cares. Didn't stop them making the claim that the post I replied to said wasn't allowed at all.
Requiring crackpots to put "* out claims that eating out product cures cancer and AIDS are lies and not approved by the FDA" isn't all bad.
And yes the FDA isn't perfect and there are likely many cases in which they disallow stuff that isn't bad for you and allow stuff that is.
Re:Get back in your Free Speech Zone (Score:5, Informative)
See the case Monsanto v. Oakhurst Dairy of Maine. Monsanto sued, forcing Oakhurst dairy to modify their labels.
Re: (Score:2)
See the case Monsanto v. Oakhurst Dairy of Maine. Monsanto sued, forcing Oakhurst dairy to modify their labels.
Since you don't provide a link to the documents, I'll ask:
Did Oakhurst Dairy fight it in court and lose? Or did they settle out of court without a battle?
One of the downsides of civil law is that anybody can sue anybody else for anything. Whether they can WIN on it is another story. But a lot of businesses might decide it is better for their stockholders to change a label and abort a minor marke
Re:Get back in your Free Speech Zone (Score:4, Informative)
I grew up (so I say anyways) in Maine, and for one summer worked for Oakhurst Dairy. Many of my uncles and my father worked for them as well.
The single most important thing to come out of that suit: Mainers now know that when you say your milk is from farmers that don't use hormones, you are getting milk without hormones. Some Mainers prefer that. All they wanna know is what's in their milk. Is that too much?
According to the food libel laws, actually it IS. A pox on all of them.
ps- Oakhurst is a fairly ethical company. Nobody's perfect, but they were trying last I knew. Their competition is largely out of state.
Re: (Score:2)
See the case Monsanto v. Oakhurst Dairy of Maine. Monsanto sued, forcing Oakhurst dairy to modify their labels...
...in a way [oakhurstdairy.com] which clearly stated they weren't making unfounded claims about the hormone:
Oakhurst retained the right to put its Farmers' Pledge on its milk label but added a disclaimer: "FDA states: No significant difference in milk from cows treated with artificial growth hormone."
Oakhurst never once claimed that the hormone had been proven to hurt anyone, but they saw a market of customers who wanted hormone-free milk, and went for it. Adding the disclaimer to the label indemnifies them from libel while still allowing the consumer to make their informed choice.
So, in that light, what exactly was your point? Because all I see here is a win-win for the consumer...
Re: (Score:2)
"...in a way [oakhurstdairy.com] which clearly stated they weren't making unfounded claims about the hormone:"
That would make sense if their label made such claims in the first place. Something it obviously did not do since they merely had to add an additional disclaimer not modify the existing "Farmers' Pledge".
"So, in that light, what exactly was your point? Because all I see here is a win-win for the consumer..."
It wasn't a lose for the consumer in the first place. Monsanto shouldn't be able to make anyo
Re:Get back in your Free Speech Zone (Score:4, Interesting)
Re: (Score:2)
Got anything more recent? All this says is that the company that makes the chemicals got pissed and sued. Big deal. You can sue a ham sandwich. What actually came out of it?
(And I'll Google it myself, so don't bother, but I'd like to point out that you just linked to a 90%-non-story.)
Re: (Score:2)
I guess if you're incapable of reading TFA, or at least the first paragraph, we can quote it for you:
Food libel laws, also known as food disparagement laws and informally as veggie libel laws, are laws passed in 13 U.S. states that make it easier for food producers to sue their critics for libel. These 13 states include Alabama, Arizona, Colorado, Florida, Georgia, Idaho, Louisiana, Mississippi, North Dakota, Ohio, Oklahoma, South Dakota, and Texas.[1] Many of the food-disparagement laws establish a
Re: (Score:2)
As I mentioned to the other AC, see the case Monsanto v. Oakhurst Dairy of Maine. Monsanto sued, forcing Oakhurst dairy to modify their labels.
Re: (Score:3)
Re: (Score:2)
Exactly. My first though when I heard about the US ordering ICANN about was, "Yup, I guess its time to pull up stakes from the HQ in the US and move elsewhere, Belgium and Aus I suppose..."
I find it disturbing that one country and simply just get up and do this... time to show that famed internet redundancy the internet was created for in the first place!
Re: (Score:2)
Old stand-by: hosts file (Score:3)
Re: (Score:2)
0x165 Have you memorized the HOSTS.TXT table? ... Are you up to date?
0x166
(From the Hacker purity test [armory.com]
Re: (Score:2)
And then you need to rely on some service to update your file. And if that service is in the US, you'd end up with the same problem.
And you'd need to extend the Hosts file and get a daemon to update it, you'll just end up rewriting the wheel.
The problem isn't with DNS as a technology, it's with the general TLDs being centrally controlled by only one organization.
That's why the P2P DNS solution is based on the creation of a new TLD (.p2p) which wouldn't be controlled by the ICANN or any government.
Re: (Score:3)
And why the P2P DNS solution is going to have serious trust issues.
Without a trusted issuing authority or external verification, how to I know that the IP address being returned for PayPal or Amazon is actually pointing to the real PayPal or Amazon?
And not to some site in Russia that's sitting there just waiting to collect credit card numbers?
Hell, how would I know that wikileaks.p2p is even wikileaks? Might as well hijack that one too, and ask for donations.
Re: (Score:2)
Certificates used in https signed by someone you trust?
Same way you know when you go to your favorite site now it's not actually a DOJ server? (that is, you don't).
On;y use p2p when .com doesn't work anymore?
Re: (Score:3)
The root servers hold the root zones (oddly enough)
ftp://ftp.internic.net/domain/root.zone [internic.net]
In that, there are entries for each tld.
za. 172800 IN NS za1.dnsnode.net.
za. 172800 IN NS disa.tenet.ac.za.
za. 172800 IN NS nsza.is.co.za.
za. 172800 IN NS za-ns.anycast.pch.net.
za. 172800 IN NS sns-pb.isc.org.
hippo.ru.ac.za. 172800 IN A 146.231.128.1
hippo.ru.ac.za
Re: (Score:2)
It is still possible to set up a separate set of DNS servers to serve your dark net machines. And those DNS servers are your business, not the governments business.
But as you noted - a hosts file usually works pretty well.
Re: (Score:2)
And those DNS servers are your business, not the governments business.
Until the government decides otherwise.
The FCC is already bypassing Congress to implement NN and the EPA is also bypassing Congress to implement Cap & Trade, both through just writing regulations with the power of law, effectively creating laws without legislative participation or oversight.
Congress does not have the power to delegate, "loan out", or "sub-contract" the power to legislate and create law according to most plain language Constitutional interpretations. Not that the SCOTUS and/or lower cour
Re: (Score:2)
Until the government, like China, starts blocking specific IP addresses.
Re: (Score:2)
Re: (Score:3)
It took me over a fucking week to get wifi working on linux. Then I gave up. Linux and Mac OS are the biggest fucking kludges I've ever seen.
Then you were doing it wrong, or doing it in 1997.
too harsh (Score:2)
Depending on your system wi-fi on Linux was difficult up through around 2003-5. And it's still not perfect.
E.g., A DVD-1 of Debian Squeeze (two months ago) doesn't contain some of the files needed to enable wi-fi. To get it working you need either some other install disk (DVD-2?) or a hardwired connection.
OTOH, I'm more bothered by the way it mismanages power when on battery. I know there are answers out there, but switching to Ubuntu was an easier answer.
Re: (Score:2)
Developers are, in general and these days, users, and tend to know little about low-level or system operations, at least not outside their own field of expertise.
I would venture a guess that not one in five typical Windows programmers has the faintest idea of "cacls" is, or can tell why it's bad to give full access to the root of a share.
This doesn't mean that programmers are stupid, but it's just not within their daily field of work, and likely not within their field of interest either.
how is it censorship? (Score:2)
the article says and even links to the fact that the US Government busted people selling counterfeit or pirated goods. selling a pirated copy of a movie is not the same thing as sharing it. it's a real criminal offense
Re:how is it censorship? (Score:5, Informative)
As has been noted elsewhere [eff.org], a number of the sites seized were, in fact, quite legitimate ones.
Bypassing due process is quick and cheap in the (very) short term, but an expensive disaster over the long haul.
Re:how is it censorship? (Score:4, Interesting)
Completely clean? The companies are not run out of the US. Would it be illegal buy a billboard and put come to something that's illegal in your is legal here? By that logic the Indian casinos should not be able to advertise outside of there res since gambling is generally not legal elsewhere? Should we seize there domain names?
Re: (Score:3)
I'd put money on it that somewhere in Amazon's thousands of listings there are a handful of counterfeit or pirated goods. Should the DNS providers go along with a government order to have Amazon de-listed? You might argue that these sights knew what they were doing and Amazon does not, but I would respond with the argument that there should be some due process there, not just a random bureaucrat making the decision.
Re: (Score:2)
i'd say something like 99.999% of amazon's listed products are legit and they will take action of if informed of pirated goods. the domain names seized clearly had names that used other brands to make people think they could get luis vutton for cheap
Re: (Score:2)
Re: (Score:2)
Not Amazon either. I'd go along with 99.9%. If they tack on another 9, then I want proof. If they tack on two or three more nines, then it had better be damn good proof, and I'll still be dubious. When they claim 99.9999%, then I claim hogwash. And I won't be likely to believe any proof they offer.
I note that neither proof, nor even an argument for plausibility was offered. Merely an assertion. I suspect an astroturfer charged with defending "Amazon's good name". Either that or a troll.
Re: (Score:2)
Re:how is it censorship? (Score:5, Insightful)
the article says and even links to the fact that the US Government busted people selling counterfeit or pirated goods.
Wrong. The article says that the "ICE said" that these sites were "engaged in the illegal sale and distribution of counterfeit goods and copyrighted works". These are allegations, not "facts". Preponderance of evidence proving a crime has been committed is accomplished only through proper due process. There were no references to a court order, no references to a court trial, nor any reference to admittance of a crime. It is apparent to me that the DNS redirects were accomplished under duress of an executive agency without judicial oversight:
The seizures were accomplished by getting the VeriSign registry, owner of the .com and .net top-level domains, to change the authoritative domain-name servers for the seized domains to servers controlled by DHS.
I would call this unconstitutional, regardless of any supposed law that may be reference to the contrary. If these actions were done under a court order with judicial oversight accomplished through a supportive affidavit of the specific crime and specific circumstances, it would be different.
At this point in time, it is simply one government agency (or rather a group of related agencies), all this is is the effective removal of someone's publication of information. Until the judiciary orders its removal, it is nothing less than censorship.
We won't even go into the allusion in the article that the government is apparently deceptively redirecting site traffic to its own servers.
Re: (Score:2)
The seizures were accomplished by getting the VeriSign registry, owner of the .com and .net top-level domains, to change the authoritative domain-name servers for the seized domains to servers controlled by DHS.
I would call this unconstitutional, regardless of any supposed law that may be reference to the contrary. If these actions were done under a court order with judicial oversight accomplished through a supportive affidavit of the specific crime and specific circumstances, it would be different.
At this point in time, it is simply one government agency (or rather a group of related agencies), all this is is the effective removal of someone's publication of information. Until the judiciary orders its removal, it is nothing less than censorship.
And I'd agree. In the meat-space USA they never actually take away your ability to speak. They can punish you each time you decide to do it, but they can't usually 'de-list' you from the planet unless you've done something really, really bad.
So why is it in cyberspace that they suddenly gain such powers?
Up next (Score:2)
Up next... BGP. We can't let the Chinese upstage us in our censorship efforts.
What's really up next... (Score:2, Insightful)
...is govt mandated DNS servers. You go thru theirs, so that can track every hostname you resolve and presumably visit, or if you try to circumvent then that'll become a crime.
Due process anybody? (Score:5, Insightful)
The issue here is due process, registrars should ignore any government "request" to remove or redirect a DNS entry unless it is ordered by a court of law.
The same applies to the former DNS provider for wikileaks, visa, mastercard and anybody else who stopped doing business with them just because they got a call from some government dude accusing them of illegal activity.
Re: (Score:2)
Who's court though? Iran's? China's? The US's where many judges are elected, or are vetted by politicians first?
Re: (Score:2)
The issue here is due process, registrars should ignore any government "request" to remove or redirect a DNS entry unless it is ordered by a court of law.
The same applies to the former DNS provider for wikileaks, visa, mastercard and anybody else who stopped doing business with them just because they got a call from some government dude accusing them of illegal activity.
<sarcasm>OMGtERRORism! In a clear/present danger situation do we want to really wait around for niceties like court orders and other mamby pamby stuff? Executive branch needs this right now or they cannot effectively tyrranize. Why do you hate America stop sympathizing and giving aid to terrorists.</sarcasm>
Re:Due process anybody? (Score:5, Informative)
However, this is not that particular domain seizure. This is a redirect to government servers ("spoofs", if you will) with no judicial oversight. Furthermore, there was no judicial order for VeriSign to act in such a deceptive manner in support of a government actor.
Your post only goes to prove the GPs issue on due process. If they were able to follow the rules then, why not now? This simply constitutes censorship until evidence and affidavit are submit to a judge in due process of law to obtain a writ. Only then does this become an injunction and not censorship.
Re: (Score:3)
Anything of these good? (Score:2)
It seems like there are potential problems here. With 4LW, I still need to memorize a set of 4 unrelated words for each site, and there's basically a single point of failure. Plus, as the article points out, it assumes a single domain name per IP address, and also IPv6 will complicate things.
P2P DNS seems like a good idea, but getting DNS from random services seems open to attack. One way around this would be to have signed DNS records, but then you still need some kind of authority for the signing. I
Re: (Score:2)
Signing should work. One simply(?) has to keep track of trustworthy signers.
TSA vs. the OpenPGP web of trust (Score:4, Funny)
One way around this would be to have signed DNS records, but then you still need some kind of authority for the signing.
I would have kneejerk replied "try the web of trust", but that's under attack as a consequence of the actions of the U.S. Transportation Security Administration. The OpenPGP global web of trust relies on some users traveling hundreds of miles to key signing parties so that they can extend the web of trust by meeting well-known people living far from them. Otherwise, if Alice is trying to communicate with Bob, but nobody living near Alice has gone to a key signing party with someone living near Bob, they can't verify each other's keys. But the TSA with its "Rapist-scan" backscatter machines [wikipedia.org] and "gate rape" pat-downs is making it hard to travel such distances.
Curious (Score:2)
On the one hand we have people championing DDOS attacks on websites via vigilante action which inflict damage to innocent websites [slashdot.org] on the other hand, many of these same people are protesting a government with properly issued warrant shutting down websites.
The question is, for those that support the former, and not the latter, exactly what kind of society you are really wanting where laws are meaningless and mobs rule? I'm sure you're fine with it until the mob ruling isn't your kind of mob. What then??
Re: (Score:2)
"What then??"
Join or build a bigger gang, and mob deep when you roll.
That's really never been different, merely prettified and named different names.
Re: (Score:2)
a government with properly issued warrant shutting down websites.
I think the issue here is that the only reason people were generally ok with letting the US have that level of control was that they weren't supposed to kill access to a website for everybody on the planet simply because it was breaking a law in one country.
Arguments like "but it's located in the US, so it has to follow those laws" don't really work here since the whole point was that it wasn't supposed to be controlled by any one country, but it was too much of a hassle to make it properly international as
Re: (Score:2)
If you're a geek, then you understand the difficulty and ultimate futility of blocking a DNS entry to just the US and not the rest of the world truly is.
And exactly how was the US supposed to accomplish this impossible task?
If you suggest "international court", I'll laugh at you and call you arrogantly stupid. This is the same international community that thinks Libya is a good representative for human rights, and Obama was deserving of a Nobel Prize for his "potential".
Re: (Score:2)
On the one hand we have people championing DDOS attacks on websites via vigilante action which inflict damage to innocent websites [slashdot.org] on the other hand, many of these same people are protesting a government with properly issued warrant shutting down websites.
The question is, for those that support the former, and not the latter, exactly what kind of society you are really wanting where laws are meaningless and mobs rule? I'm sure you're fine with it until the mob ruling isn't your kind of mob. What then??
You're looking at it from an American point of view. If the US wants to block a website, that's their prerogative. But they blocked it *everywhere* - in the US, in Canada, in China, in Europe - everywhere. (And it just occured to me that they also gained the ability to see - at least for a limited time - *who* was going to those sites, which would explain why they didn't just blackhole the domains).
So look at it in reverse - if China (for instance) had provided a properly issued warrant demanding that a sit
Re: (Score:2)
SO, exactly, how does one Partially block a website in the US?
Re: (Score:2)
I don't know, but I'd suggest asking China, since they seem to be the industry leaders in such thing.
And before anyone asks, yes, I'm equating the US takedowns to Chinese censorship. It's a government deciding what it's citizens can or can't see online. The only difference is that China generally has the good manners to only censor to people inside it's borders.
let's also break the SSL certificate cartel (Score:2)
let's also have an open, distributed, trustable system for ssl certificates where I don't have to line the pocket of a Versign or other agency to have SSL communication. Ever try to get Android or such to work with SSL gatewayed systems, can be very painful the current way
Re: (Score:2)
false, we can make a trustworthy certification authority web more trustworthy than the current CA
Question your assumptions, who says Verisign is trustworthy, and why are they trustworthy (in fact they are not, have committed crimes of monetary damage to all internet users on several occassions)
Re: (Score:2)
By definition, that doesn't work. A certificate is the product of a certification authority, and it certifies you are who you say you are. You're talking about web of trust. Very different model, and even less trustworthy than a CA.
::Sigh:: Some CA's are more "trustworthy" than others. The current CA system is broken... let me repeat that: OUR CA SYSTEM IS BROKEN, since, for example, China's CINNIC CA can create a valid cert for Google.com without Google's permission.
At least a web of trust has a chain of signatures that I can validate by personally contacting each person in the chain: "Hey, Alice, my good friend, you signed Bob's cert, what's his number I need to find out about Carl since Bob signed Carlo's cert, and Carlos signed
Freenet (Score:5, Insightful)
Instead of re-inventing the wheel Why not try out a existing darknet in the form of Freenet http://freenetproject.org/ [freenetproject.org] or i2p http://www.i2p2.de/ [i2p2.de]
Re: (Score:3)
Re: (Score:3)
Instead of re-inventing the wheel
Instead of re-inventing the wheel why not just use Fidonet? [fidonet.org]
Hell, I was using Fidonet since before the Internet was available to the masses.
Tell you what, why don't we let those that have ideas, and itches to scratch rally supporters for their own implementations based on their own merits, and let the best protocol win?
Sometimes you have to break an egg to make an omelet; Sometimes you have to re-invent a wheel or axle to innovate.
From the P2P DNS project wiki (Score:2)
We currently believe the best way to create a stable environment for TLDs is to enact a central authority. We know this will cause much argument within the community, but we have made the decision that we believe will be best for the continued development of this project.
http://dot-p2p.org/index.php?title=Main_Page#Announcement [dot-p2p.org]
Really?
Re: (Score:2)
I forked the project and a couple people came with me.
http://dnsp2p.gp5st.com/w/index.php?title=Main_Page [gp5st.com]
We want a fully decentralized dns system. We're currently discussing ideas and reading acedemic articles on DHT security and attacks.
A lot of responses here keep pointing to I2P (Score:2)
...or something a lot like it. Ive been using I2P for over a year and the more censorship and surveillance fiascos I see in the news the more invaluable it seems.
1. 'The issue is due process.'
What about coping with an absence of due process? What about communicating and organizing around the need for due process? You need a way around centralized control in the first place in order to bring pressure to bear and undermine establishment false propaganda.
2. 'DNS is being abused and IP addresses blocked'
Some an
Too easy... (Score:2)
What about the reverse zone? (Score:4, Interesting)
Re: (Score:3)
It could be interfered, but it would be harder. They'd have to track down the ISP. If the ISP is in another country, it's even harder. OTOH, lots of ISPs don't set up their reverse DNS.
A workaround? (Score:3)
Maybe a wizard can supply the details, but it seems we could just host our own DNS file. I would think it could be set to allow review and rollback.
You know eventually the governments will take control over "the internet". The opportunity to monitor our transactions, email, IM, books, video, music, news, comments etc. is irresistible to them. We may as well start building darknet now (or send me an invite if I'm late).
Every IP address has a number (Score:3)
... like this: http://3626153261/ [3626153261]
Re:Pointless (Score:5, Informative)
most sites share a numeric IP with many virtual hosts. in that case, you need to put the desired host header field into your http request.
Re: (Score:2)
Also, DNS is for more than just convenience. We used to have various other systems to find the IP address of a host that we knew was out there (Archie?), and now DNS maps human-recallable names to an address.
Let's say the DNS entry for twitter.com was pulled down. What's the IP address for Twitter? I have no idea. Even if I Google it, the Google entry still points me to "http://twitter.com" We nerds could probably figure out a way around it; find somebody that posted the address somewhere, type it in manua
Re: (Score:3)
We used to have various other systems to find the IP address of a host that we knew was out there (Archie?)
Standard NIS, still shipped on nearly every unix/clone can serve/receive hosts files, and a tweak of the nsswitch.conf file can make it precede DNS.
Re: (Score:2)
Removing the main DNS entry is really quite pointless: anyone who really wants to get to the site can just enter the IP into the browser. DNS is simply "syntactic sugar" to make websites easier to remember. While it's true that removing a DNS entry will stop a lot of people from getting to the site at first, eventually the IP will start going around, and anyone who really wants to will be able to access it again.
Not true. While many sites have a dedicated IP, a great deal are hosted on a virtual server where the IP address is the same for a large number of sites. If one attempts to connect to the website via its IP address, the browser will be given the default site for that server (depending on how the admin set it up). In a case where an admin wants to be reached by both domain name AND IP address, the IP address would have to be dedicated. Using an IP address also doesn't help if the website's designer uses
Re: (Score:2)
Using an IP address also doesn't help if the website's designer uses absolute paths (gawd, yes, it still happens).
"/story/" is an absolute path, since it takes you to the document root of the webserver. I think you are referring to a fully qualified path, where the domain name (and perhaps protocol) are also included.
/etc/hosts is your friend and will easily help you work around both problems without having to build your own HTTP headers or rewrite any URLs.
In any case,
Re: (Score:2)
Using an IP address also doesn't help if the website's designer uses absolute paths (gawd, yes, it still happens).
"/story/" is an absolute path, since it takes you to the document root of the webserver. I think you are referring to a fully qualified path, where the domain name (and perhaps protocol) are also included. In any case, /etc/hosts is your friend and will easily help you work around both problems without having to build your own HTTP headers or rewrite any URLs.
True! My mistake, I did indeed mean to say 'fully-qualified'. Modifying /etc/hosts will work, but, can you imagine the hassle that would create? As an aside, the Internet originally had no DNS servers...all names were resolved using /etc/hosts...and now, what's old is new again...let's devolve everyone! Thanks be to the democratic/republican governments loaded with tyrants!
Re: (Score:2)
The only virtual-server setup that I've seen involves a separate (dedicated) IP address for each virtual domain on the server. If you set up a free account with some web-host that gives you a subdomain, then yes, you would run into this problem, but any decent paid hosting plan (one that presumably involves a registered domain) gives said domain a separate IP. I do agree with you on absolute paths though...
That's a tough one, as all the hosting services out there are trying to conserve IPv4 addresses. I say each site deserves its own IP, but, who am I to say...We have a major telecom ISP that hosts thousands upon thousands of sites off of one IP address.
Re: (Score:2)
Removing the main DNS entry is really quite pointless: anyone who really wants to get to the site can just enter the IP into the browser. DNS is simply "syntactic sugar" to make websites easier to remember.
I'm wondering if we'll just revert back to plain ol' IP addresses. We remember phone numbers, after all.
Re: (Score:3)
Says the guy who evidentally doesn't realize DNS is more than just a simple name-IP mapping scheme.
DNS is what allows your email client to figure out who the mail exchanger is for a domain. Without it, email wouldn't work.
DNS allows for failover and round-robin load balancing for services.
DNS and the Host header make HTTP virtual hosting possible.
Dynamic DNS allows one to have a constant, logical name, even if an underlying IP is changing.
I'm sure there are many others... these are just the first few that
Re: (Score:2)
All the more reason we shouldn't let random politicians mess with it arbitrarily, no?
And I'll happily admit I'm not an expert on the inner workings of DNS. But the US actions show that DNS can't necessarily be trusted anymore, either.
Re: (Score:2)
While you're not wrong, per se, you do seem to be a bit behind the times...
DNS is what allows your email client to figure out who the mail exchanger is for a domain. Without it, email wouldn't work.
E-what? That stuff is dieing, or certainly would be in a world where we can't count on DNS anymore...
DNS allows for failover and round-robin load balancing for services.
WTB router, pst.
DNS and the Host header make HTTP virtual hosting possible.
Virtual hosting sucks, existing largely only for hosting providers to tier their offerings. That could stop and only the providers would notice or care.
Dynamic DNS allows one to have a constant, logical name, even if an underlying IP is changing.
THIS is a solid point. Can't argue here...
Anyway, I guess my point is, if DNS works for you and you don't mind the government having total power over your name resol
Re: (Score:3)
While you're not wrong, per se, you do seem to be a bit behind the times...
And every single one of your "counter-arguments" is absurd. Why did you even bother? I mean, really, you couldn't spend the time to come up with something at least seemingly lucid? I mean, really...
If you think email is going away, you're delusional.
If you think DNS isn't used for round-robin load-balancing and failover, you haven't resolved www.google.com... ever.
If you think "Virtual hosting sucks" and that "That could stop and
Re: (Score:2)
I gave up memorizing phone numbers a long time ago, now you want me to memorize IP addresses?
It would be helpful if browser makers woul have bookmarks remember the IP address and the domain name, and display them.
Re: (Score:2)
no complaints from me about eBay service.