Tag Archives: tech

Open DNS Reviewed

I’ve tried alternate DNS services in the past but I’ve never had much luck with them. They never had anything substantial to offer other than being “better” than your ISP which was a marginal improvement at best. Recently I had an issue with www.co-optimus.com not resolving properly and RoadRunner kept sending me to their search page. I’ve had it happen on other sites too but it was never a major issue. Finally, I asked if anyone else was having that problem and nobody did, but Nick (bapenguin) suggested I should try Open DNS. Reluctantly, I did. And I was pleasantly surprised. Not only did it fix my DNS problems, it also introduced me to several DNS features I’ve never seen offered before.

DNS Resolution: As the primary service Open DNS offers, they do a fantastic job. I’ve yet to run into the issues I had with RoadRunner’s DNS servers. The Open DNS servers are quick (<15ms), and have yet to fail on me.

Dynamic IP service: I’ve been using DynDns.org for longer than I can remember so it took a leap of faith for me to switch my router from using DynDns.org to Open DNS’s DNS-O-Matic. To my surprise (again) DNS-O-Matic is capable of updating all kinds of third party services with your IP. Since my router is always on, I have yet to change IPs since we moved so I can’t really vouch for its reliability, but it always responds right away when my router reboots and says no update needed. The fact that it updates so many other services is a huge bonus and I plan on taking a good look at the list to see what else I’ve been missing.

Domain and Category Content Filtering: With Open DNS, you can set up content filtering in three ways. The first is a level system where “none” disables filtering, “minimal” prevents you from visiting known phishing sites, “low” and “moderate” block adult/porn and illegal activity sites, and “high” blocks time wasting sites (social networking, music, videos, etc). You can also use the “custom” level to pick and choose from 52 categories. If there are specific domains you want to blacklist or whitelist, you can do that too. Using this method, I’ve blocked a few ad networks that I don’t care for. The only problem I’ve had with this is I can’t get Last.fm to work while blocking doubleclick.net. I’m sure that would be an issue with any ad blocking method so I can’t blame Open DNS for that. However, it would be nice to set exclusions so doubleclick.net would not be blocked while visiting Last.fm. From a DNS server standpoint, that would be difficult.

Shortcuts: I personally don’t see much of a point in using shortcuts but I could see how they might be handy. Basically, I can set up a shortcut to go to my blog by typing “blog” in the address bar and hitting enter. You can also set up advanced shortcuts where you could type “wikipedia internet” and it would search wikipedia for “internet.” That, I could see being more useful.

Stats: Open DNS keeps track of all your requests, if you desire, so you can see graphs of requests on your network. You can see a list of all the domains you’ve requested and how many times you’ve requested them. This could be a very handy feature for some people but personally, its not too exciting.

Ease of Use: The initial setup can be daunting if you’re not a network guru. This is not something a novice should set up on their own because it could really mess up your network. However, they do have pretty good guides for people who take the time to understand what they’re doing. Once everything is set up, nobody needs to know its even there. It works just like before, just safer, and more reliable. If you need a hand, feel free to ask me!

There are a few other features to play with but these are the features that stand out and can be pretty useful. Overall, Open DNS provides safe, secure, and dependable browsing. I hope they stick around because I really don’t want to switch back to RoadRunner’s crappy DNS servers.

Steve Ballmer Doesn’t Get It

Poor Steve Ballmer. You can always count on him to stick his foot in his mouth. Whether its claiming a new trend will never be big (ie. iPhone), or accidentally revealing something that M$ wasn’t ready to announce, or just plain being wrong, he’s always good for a laugh. Recently, he seemed a bit confused as to why Google is releasing a second client OS. Last I checked, M$ has had two current client operating systems for quite some time (PC, mobile). Why that’s so perplexing to him, I have no clue. Google made their directions of the two operating systems pretty clear (Android = mobile, Chrome OS = netbook/laptop/PC) which is pretty much M$’s model as well, minus all the different releases (Home, Pro, Media Center etc). All I know is I’m looking forward to that new xbox coming in 2010 (joke).

How We Know Chrome OS Will Be A Hit: Steve Ballmer Doesn’t Think So[TechCrunch]

Google Apps is out of beta (yes, really)

Google Apps out of beta

I never thought I’d see the day. Google Apps is finally out of beta. But just in case removing the beta tag lessens its “cool” factor, you can re-enable the beta tag in the logo from the settings menu in Gmail.

Google may have a different view of “beta” software but I think its a wise route to go. Especially in Google’s case where they’re providing such feature rich online applications for free. Besides the obvious liability issues, they also gain some breathing room when it comes to implementing new features. If something doesn’t work the first day they put it out, they can avoid a lot of flack by saying its in beta. While that might seem like a cop-out, it allows them to test with a huge volume right off the bat to eliminate scaling and compatibility issues. Its not always ideal for the end users but that’s something you just have to weigh against its obvious benefits as well as against its competitors. Personally, I haven’t had any major issues with any of the Google Apps and they are extremely handy.

The only reason I regret to see Google Apps leave beta is that it may slow the rate that they implement new features. The Labs features will remain but they certainly won’t be moving features into the mainstream as fast as they have in the past. Of course that’s just my speculation, but taking the beta tag off usually implies they’ll keep the products stable and will try their hardest to avoid introducing new bugs. That means they’ll have a more careful and slower development cycle.

Google Apps is out of beta (yes, really)[Official Google Blog]

Iranian Activists Enabled by US Technology

Onion routing is some seriously cool secure networking. This is way beyond encrypted tunnels. Basically you have a series of “onion routers” which each have their own public/private keys. When you send a message to the first router, it randomly picks a series of the other routers and encrypts the message with each of those routers’ public keys. Then it sends the message to the last router who’s key was used to encrypt it. That router decrypts it and sends the message to the next router who’s key was used to encrypt the message. So you have multiple layers of encryption, each router peels a layer from the “onion” and sends it to the next router creating a completely random path. When it reaches its destination, the response is put in the included “reply onion” and sent back a different path. Therefore not even the destination knows the origin!

In order to compromise this, one must either have control of ALL the onion routers, or break the multiple layers of encryption. Sounds pretty solid to me.

I just have to note one thing though, the Wired article is inaccurate since its saying they’re poking holes in Iran’s firewall. Really its not poking holes. Poking holes implies you’ve hacked the firewall and opened up access to something that was previously blocked. This tech is sending encrypted packets through protocols and ports that are apparently still open. Whoever controls the firewall could easily block known onion routers or block the protocols/ports they’re using, making it a much more difficult first hop. They also do not mention if this traffic is masked as simple web traffic or what. Onion routing is simply a means to disguise the origin, destination, path, and messages, not for bypassing firewalls. However, if the firewalls block Twitter.com, for example, the firewall would not know to block these onion messages going to a random onion router who’s final destination is Twitter.com. Still, that’s not “poking holes” in anyone’s firewall. That’s just being sneaky.

Must reads:
Activists Use U.S. Tech to Poke Holes in Iran Firewall[Wired]
Onion Routing[Wikipedia]

Lets Beam the Internet to Iran!

I love these types of stories. A reporter asked White House press secretary Robert Gibbs if the White House was considering beaming broadband internet to Iran via satellite  so opposition forces could communicate more freely. That’s one of the most ridiculous things I’ve heard in a while. Lets just wave our magic wand so our satellites start talking to cell phones that are designed to talk to cell towers. Yeah, good idea!

Lets put it this way. Ignoring the fact that satellite and cell phones are different technology, and that the cell phones would need complicated re-programming to talk to a different network, you’re still asking a tiny cell phone to hold a two way link with a satellite orbiting the Earth instead of a cell tower just miles away. Any other crazy ideas would involve smuggling in quite a bit of equipment which would make for easily traceable targets.

In case you were wondering, for a satellite to be in geosynchronous orbit, they have to be about 22,300 miles from the Earth’s surface.

Source: Slashdot Technology Story | Could We Beam Broadband Internet Into Iran?.