NNSquad - Network Neutrality Squad
[ NNSquad ] A quick comment on DNS vs. NSA
You guys really read fast. A couple of lines in the item sent out a little while ago, touching on the issue of metadata and NSA as relates to third-party DNS services, caused a number of instant queries to appear in my inbox.

Is this a real problem, especially considering that the vast majority of Internet users aren't likely of interest to NSA anyway?

The question revolves around how sensitive resolved site lookup data actually is, in the broader context of the Internet.

Most users simply resolve through their ISP-provided DNS servers and leave it at that (this can -- currently -- have some advantages in terms of helping content distribution networks serve the user from a geographically advantageous point, but that's a whole 'nuther discussion and the subject of considerable ongoing work).

Some users resolve through their own DNS servers and systems, but this is mainly done by organizations with significant in-house tech resources (and more serious geeks).

And a large number of users choose to use third-party services like Google Public DNS, OpenDNS (those are the two majors), and others.

Google has a policy of anonymizing key fields of DNS logs in around 48 hours, and both Google and OpenDNS have clearly stated privacy protections overall for DNS-related data.

But do these logs in whatever form they take represent attractive metadata targets to NSA (or whomever)? That's the question a number of people have been sending me this afternoon.

I'll answer this way. In theory, they represent a metadata source that might be of interest (especially in unanonymized form), but in the scheme of things I don't think they're a big deal in context.

Very briefly, a key reason why is that the major ISPs themselves likely represent a much richer source of user metadata, having access as they do to *all* traffic-related aspects of users' Internet activities, one way or another.

So if you want to use a third-party DNS service -- and there are good reasons for many users to do so -- worrying about metadata and NSA probably shouldn't stop you.

--Lauren--
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren
Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info
Founder:
 - Network Neutrality Squad: http://www.nnsquad.org
 - PRIVACY Forum: http://www.vortex.com/privacy-info
 - Data Wisdom Explorers League: http://www.dwel.org
 - Global Coalition for Transparent Internet Performance: http://www.gctip.org
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://vortex.com/g+lauren / Twitter: http://vortex.com/t-lauren
Tel: +1 (818) 225-2800 / Skype: vortex.com
_______________________________________________
nnsquad mailing list
http://lists.nnsquad.org/mailman/listinfo/nnsquad