EU Wants To Build Its Own DNS Infrastructure With Built-in Filtering Capabilities (therecord.media) 57
The European Union is interested in building its own recursive DNS service that will be made available to EU institutions and the general public for free. From a report: The proposed service, named DNS4EU, is currently in a project planning phase, and the EU is looking for partners to help build a sprawling infrastructure to serve all its current 27 member states. EU officials said they started looking into an EU-based centrally-managed DNS service after observing consolidation in the DNS market around a small handful of non-EU operators. "The deployment of DNS4EU aims to address such consolidation of DNS resolution in the hands of few companies, which renders the resolution process itself vulnerable in case of significant events affecting one major provider," officials said in the DNS4EU infrastructure project revealed last week. But EU officials said that other factors also played a role in their decision to build DNS4EU, including cybersecurity and data privacy.
The more crap... (Score:5, Insightful)
Re: (Score:1, Insightful)
But OH SHINY LOOK OVER HERE blah blah blah censor you blah blah.
Exactly. First, it starts off at "look what we built, for the community".
Then it will be: "We'll filter bad things, you know, to protect the children"
Then it will be: "We'll make this mandatory for children, no worries, adults can still choose"
Then it will be: "This is mandatory now, for everyone. DeMoCRaCy"
Fuck the EUSSR.
Re: The more crap... (Score:3)
STANDARD (supposed) SECURITY CRACKDOWN ARTICLE FORM REPLY
We are headed for a one world fascist government, and this article shows another piece of what's coming together.
You won't even be considered a human being anymore, instead just a 'unit', with a police identification number to identify you. You will be a forever suspect, a potential enemy of the 'state', and they will constantly watch for any little thing to hang you for. They will always be hungry for your blood.
People l
Re: (Score:1)
That you build into what is supposed to be a basic communications setup, the more easily it will break and be hacked. It's a simple law of nature. The current version of DNS is still being improved and fixes implemented. But OH SHINY LOOK OVER HERE blah blah blah censor you blah blah.
Sure, it will be trivial to sidestep. For the 1% of population which are computer nerds and even know what DNS *is*. The other 99%? No news portals unapproved by EU overlords.
Re: (Score:2)
Some people might think you are exagerating, but you are not.
For several years now, being in EU, I had to change the DNS settings from my ISP to something else, as it didn't want me to see the drawings at (triangle)complex.
Sigh.
Re: (Score:2)
Well, the surveillance-fascists try and try and try again. Until they have an accurate record of any and all thoughts of every citizens, they will never be satisfied. Fortunately, this project is so obscure, I have not even seen it mentioned in the European press so far.
Re: (Score:2)
DNS blocking of malware and phishing sites is very mature now. Many ISPs do it, many users do it (thanks to APK I guess). What they are proposing will be of interest to many organizations and individuals in the EU, who want a simple DNS based protection system that is free and reliable.
The pirate site blocking is worrying, but again most orgs and users don't actually care about that.
In other news... (Score:3, Funny)
Re: (Score:3)
That'll happen along with all alleged pirate sites.
Re:In other news... (Score:5, Insightful)
The short-term goal of fighting crime is put ahead of any long-term concerns of fighting government encroachment and fascism. It's forgivable in that it is a rational choice when resources are limited and the need to stop crime is vital to society. There is possibly no nefarious agenda behind governments that try to shut down encrypted communication services (that don't cooperate with law enforcement).
But I do wonder where we'll be in 20 to 50 years. I predict either extreme and no middle ground, mass surveillance and authoritarian control of all communication, or revolution with collapsed dysfunctional democracy and the economic strife that comes with it.
Re: (Score:2)
Of the early comments, this is the one that I would have voted for as FP in the hopes of a productive discussion. But I wish you hadn't propagated the vacuous Subject.
But a better Subject? Right now I gut nuttin'.
Re: In other news... (Score:2)
"But I do wonder where we'll be in 20 to 50 years. I predict either extreme and no middle ground, mass surveillance and authoritarian control of all communication, or revolution with collapsed"
I think your prediction will not only come true, but will happen sooner than you think.
Give greedy, power hungry people some new toys, and I can guarantee that they will find every excuse to use it.
Just look what happened to the police forces in the United States. And take a look at the result:
Re: In other news... (Score:2)
Here is the cops in their Rambo getup
https://youtube.com/watch?v=0u... [youtube.com]
Re: (Score:2)
The short-term goal of fighting crime is put ahead of any long-term concerns of fighting government encroachment and fascism. It's forgivable in that it is a rational choice when resources are limited and the need to stop crime is vital to society. There is possibly no nefarious agenda behind governments that try to shut down encrypted communication services (that don't cooperate with law enforcement).
No, it's not forgivable. "Those who sacrifice liberty to obtain security deserve neither and loose both". This needs to be shot down, HARD, and people responsible for even floating the ideas need to be voted out of any public office they currently hold.
Re: (Score:2)
There is actually no need to shoot anything down. This is pretty much both technologically and legally impossible. They are just trying to appear to be doing something. The "voting out of office" is also difficult, because the other side (which you would need to vote in) is far worse. They would not only use empty words, they would actually try. Sure, they would very likely fail, but still.
Re: (Score:2)
Actually, no. These people know they cannot shutdown Telegram. Technologically, they have no chance. The Russians with far less protection of individual freedoms tried and failed. And legally, this will not work in Germany either. They just try to appear to be "doing something".
Re: (Score:2)
If it was a slippery slope it would already have happened. Private companies have been going to court to demand DNS level blocks on pirate sites for a couple of decades now, and governments have had bad site blocklists (like the UK and Canada's CleanFeed for a similar length of time.
https://en.wikipedia.org/wiki/... [wikipedia.org]
Re: (Score:3)
Re: (Score:2)
It also means they'll be able to see the sites you visit. Every DNS request sent is a decent indicator of a site you're attempting to visit.
That is certainly a primary motivation behind this.
Re: (Score:2)
Chances are they will just offer root servers, not directly accessible to users. Then ISPs and organizations will have their own DNS servers that refer to them when they don't have details of a requested domain.
You know, exactly how the current hierarchical DNS system works.
And don't forget Gab (Score:4, Insightful)
Germany has tried repeatedly to get Gab to censor Germans using the site. Gab's told them to go pound sand [gab.com]. Just watch as Germany tries to go after foreign platforms that allow "hate speech."
Re: (Score:2)
Ah, no. Some politico claimed that they are very seriously thinking about doing something they cannot actually legally or technologically do. In the German press, this was a small blip because everybody knows this is verbal public masturbation to appear to be doing something.
Dont use it then? (Score:2)
So dont use it? Dns isnt compulsory.
Until (Score:2)
They set up BGP rules to not allow extra-EU DNS queries.
Re: (Score:3)
Or just silently hijack it.
Re: (Score:1)
This is annoying, certainly, but all-but-guarantees the adoption of DNS-over-TLS or -HTTPS in the longer term.
No it doesn't. The nerds might adopt it, but 99% of the population will just go "huh? Why did my (unapproved by EU overlords) news portal stop working all of a sudden?"
Re: (Score:1)
Re: (Score:2)
Is that a HOSTS file you have keistered on a USB drive?
Re: (Score:2)
BGP does not work on port level. Also, they would break basically all the non-EU Internet for the whole EU if they could do that. Not going to happen.
EU version of GFW? (Score:1)
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
Not really. Just the usual authoritarian assholes trying to control what people are allowed to think. There is basically nothing they can do so they try to be loud instead.
Why would a user choose balkanization? (Score:2, Interesting)
I suspect that no users have been asking for filtering capabilities. If this is intended to be inflicted upon the European people, I don't think it's reasonable for the government(s) to expect rapid uptake. They might be able to literally force ISPs' DHCP servers to suggest a compromised DNS server to users, but it's not really practical to make people use it (unless they outlaw crypto).
"Yeah yeah, people disobey laws, what's new" you're probably thinking, but if different people go different ways on DNS, t
Re: (Score:1, Insightful)
Re: (Score:1)
I suspect that no users have been asking for filtering capabilities. If this is intended to be inflicted upon the European people, I don't think it's reasonable for the government(s) to expect rapid uptake. They might be able to literally force ISPs' DHCP servers to suggest a compromised DNS server to users, but it's not really practical to make people use it (unless they outlaw crypto).
Not really practical? How many internet users even know what DNS *is*, not to mention how to override the default settings provided by ISP? So once you force ISPs to set up everything to use EU-DNS by default, how many people are left seeing non-censored Internet? 5%? 2%? And you bet once they get that going you'll see "only fascists are avoiding EU-DNS, are you a fascist?" campaign targeting the remaining group.
EU Government In Brussels (Score:1)
is your Mummy and Da-Da...AND DON'T FORGET IT."
So will they reuire everyone (Score:2)
Er, What Consolidation? (Score:1)
Re: (Score:2)
Re: (Score:1)
Re: (Score:1)
Re: (Score:1)
Most people use their ISP's DNS server, it's only tech minded people who use 8.8.8.8 or 1.1.1.1 or whatever.
Wanna bet on how long after this system is working until EU mandates ISPs to set their DNS to forward queries to this system?
Re: (Score:1)
AaaaaahahahahaHAHAHA! (ROTFL!) (Score:2)
So let me get this straight:
You want to replace an outdated and broken DNS with an even shittier one?
How's that supposed to go?
Like that epic success "DE-Mail - E-Mail Made in Germany"?
*Tadum* *Crash* *Thud*
Thank you, thank you, I love you too!
This is reality outpacing satire, big time.
Re: (Score:2, Insightful)
So let me get this straight: You want to replace an outdated and broken DNS with an even shittier one? How's that supposed to go? Like that epic success "DE-Mail - E-Mail Made in Germany"? *Tadum* *Crash* *Thud* Thank you, thank you, I love you too!
This is reality outpacing satire, big time.
Sure, sounds funny. Until armed goons from "democratic" EU show up at your doorstep for communicating over UDP 53 with anything other than approved servers. Or attempting to send any traffic to anyone that they can't decrypt. Yeah, not happening today, but just wait 10-20 years.
DNS over HTTP (Score:2)
And now DNS-over-HTTP seems to make more sense: https://www.techtarget.com/sea... [techtarget.com]
I was worried for the replacement of an open protocol with an obscure one, and only China's great firewall would need such a thing. Now even Western "democracies" are worried about what people do freely online.
One way or another, lines are being drawn, and we will have a showdown. The Internet will either stay open and free, or will be another controlled telco service.
awesome, but... (Score:2)
EU wants to build its own DNS infrastructure (Score:2)
...with Blackjack and Hookers.
In fact, forget the DNS infrastructure!