[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 22 March 2014 10:26, Martin Gautier <martin.gautier@xxxxxxxxxxxxx> wrote: > I'm trying, here, to assert that DNS isn't "a serious bug in the Internet, > not a feature" ... but you don't understand its architecture, functions, institutions and processes well enough to do so without looking, well, a bit silly. For instance, you use the phrase "their DNS". No! There are *not* multiple DNSes owned and controlled by multiple actors; there is exactly one DNS. Unlike the Internet, it is centralized. That is a bug. That is precisely the point of this thread, and if you had read it through from the start you would know that. Perhaps your error comes from misreading the S in DNS as "server"? It is in fact "system". You also do not seem to have noticed, when claiming that DNS ensures free speech, that you are responding to a report of DNS being used to block Twitter, which is precisely a deliberate and malicious abridgement of free speech by state actors. Are you under the misapprehension that the alternative DNS server IP addresses painted on the wall in the picture Gordon linked to are a sufficient fix? If so, allow me to point out two things that should be obvious. First, 99.9%+ of Twitter users don't know what that means nor how to implement it. Their devices may not even support them specifying a DNS server manually. Above all, users should not -- *must* not -- be required to know and understand and configure and maintain this sort of network plumbing detail. Such a requirement would be a serious defect -- a bug. Second, the alternative DNS server addresses given happen to belong to Google. Google does not take anti-freedom orders from the Turkish government... today. But it has taken them from the Chinese, US and other governments in the past, and continues to do so now, and based on what was involved in getting them to collaborate in those cases, it is not at all hard to imagine them taking orders from this or another and possibly even a worse Turkish one in the future. What applies to Google applies to all DNS providers. They can only be said to be intermittently and contingently ethical; in other words, for all practical purposes, not reliably ethical at all. Requiring users (and enterprise IT, and everyone) to play whack-a-mole with intermittently and contingently ethical single points of failure is a bug. This should all be *obvious*. There is no other side to the story here. Let's all move on and agree to investigate fixes for the systemic bug that is DNS. -- Phil Hudson http://hudson-it.no-ip.biz @UWascalWabbit PGP/GnuPG ID: 0x887DCA63 -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq