[ NNSquad ] Re: Karoo is DNS hijacking

NNSquad - Network Neutrality Squad
NNSquad Home Page
NNSquad Mailing List Information

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Re: Karoo is DNS hijacking

To: "Colin May" <colin@myfi.org>
Subject: [ NNSquad ] Re: Karoo is DNS hijacking
From: David Ulevitch <david@opendns.com>
Date: Thu, 27 Mar 2008 08:49:56 -0700
Cc: nnsquad@nnsquad.org


On Mar 27, 2008, at 2:18 AM, Colin May wrote:

As usual when this happens, we see our numbers grow (in this case, our UK account signups).
I was curious about this - from what I can see (based on the OpenDNS website 'Features' page and by doing some tests using dig) OpenDNS is no better than the other ISPs/DNS Service Providers identified as hijacking DNS.


You didn't do a good job reading.  There is no similarity at all.

If you're talking about us not returning NXDOMAIN, that's not true. Customers who want NXDOMAIN responses get them. The VAST majority of our customers, which includes 10's of 1000's of schools and businesses don't need them, or just set them up for their mailserver. We have a full web-based management system for IT administrators and parents to manage their DNS. T

The fact that we make money by showing search results when a domain isn't found is no different from how Google or Yahoo make money. And just like Google and Yahoo, people are *choosing* to use OpenDNS.

This is revolutionary stuff -- we've done more to secure the DNS in the last year than any other DNS operator has since it was invented.

After an ISP starts hijacking DNS NXDOMAIN responses and you see your numbers grow, do they then start to churn down again after people realise that OpenDNS are really no better an alternative?


Of course not.

(I appreciate there may be features in the OpenDNS service offering but these days web browsers also offer things like phishing warnings etc).


Indeed most of them use our data -- we run PhishTank: http://www.phishtank.com/friends.php

Managing the DNS on your network is just as important as having a last- line-of-defense in your browser. Security is about layers of protection.

[ OpenDNS isn't hijacking anything! OpenDNS is a fully opt-in service that users voluntarily choose to use by setting the OpenDNS servers in their systems.

DNS hijacking is best defined by environments that divert users' DNS requests in some way *without the users having requested such a service* (e.g., either opt-out only or no opt-out available).

There's a big difference.

Agreed 100%. Thanks. We're still dealing with this common misunderstanding of our service, even two years after we started the company and with millions of happy users.

I guess I need to hire a new marketing gun. :-)

-David

References:
- [ NNSquad ] Comcast claims FCC can't control Comcast's Internet practices
  - From: Lauren Weinstein <lauren@vortex.com>
- [ NNSquad ] Re: Comcast claims FCC can't control Comcast's Internet practices
  - From: "Bob Frankston" <Bob19-0501@bobf.frankston.com>
- [ NNSquad ] Karoo is DNS hijacking
  - From: "lynn" <nnsquad@ecgincc.com>
- [ NNSquad ] Re: Karoo is DNS hijacking
  - From: David Ulevitch <david@opendns.com>
- [ NNSquad ] Re: Karoo is DNS hijacking
  - From: "Colin May" <colin@myfi.org>

Prev by Date: [ NNSquad ] AP's take on the Comcast "treating all traffic equally" story
Next by Date: [ NNSquad ] Re: News: Comcast to end P2P interference
Previous by thread: [ NNSquad ] Re: Karoo is DNS hijacking
Next by thread: [ NNSquad ] FCC "High-Speed" Internet Report Released
Index(es):
- Date
- Thread