D&C GLug - Home Page


Re: [LUG] Routing around damage

 


On 22/03/14 15:32, Philip Hudson wrote:
> On 22 March 2014 10:26, Martin Gautier <martin.gautier@xxxxxxxxxxxxx> wrote:
>> I'm trying, here, to assert that DNS isn't "a serious bug in the Internet,
>> not a feature"
> .... but you don't understand its architecture, functions, institutions
> and processes well enough to do so without looking, well, a bit silly.
>
> For instance, you use the phrase "their DNS". No! There are *not*
> multiple DNSes owned and controlled by multiple actors; there is
> exactly one DNS. Unlike the Internet, it is centralized. That is a
> bug. That is precisely the point of this thread, and if you had read
> it through from the start you would know that.
>
> Perhaps your error comes from misreading the S in DNS as "server"? It
> is in fact "system".
>
> You also do not seem to have noticed, when claiming that DNS ensures
> free speech, that you are responding to a report of DNS being used to
> block Twitter, which is precisely a deliberate and malicious
> abridgement of free speech by state actors.
>
> Are you under the misapprehension that the alternative DNS server IP
> addresses painted on the wall in the picture Gordon linked to are a
> sufficient fix? If so, allow me to point out two things that should be
> obvious.
>
> First, 99.9%+ of Twitter users don't know what that means nor how to
> implement it. Their devices may not even support them specifying a DNS
> server manually. Above all, users should not -- *must* not -- be
> required to know and understand and configure and maintain this sort
> of network plumbing detail. Such a requirement would be a serious
> defect -- a bug.
>
> Second, the alternative DNS server addresses given happen to belong to
> Google. Google does not take anti-freedom orders from the Turkish
> government... today. But it has taken them from the Chinese, US and
> other governments in the past, and continues to do so now, and based
> on what was involved in getting them to collaborate in those cases, it
> is not at all hard to imagine them taking orders from this or another
> and possibly even a worse Turkish one in the future. What applies to
> Google applies to all DNS providers. They can only be said to be
> intermittently and contingently ethical; in other words, for all
> practical purposes, not reliably ethical at all. Requiring users (and
> enterprise IT, and everyone) to play whack-a-mole with intermittently
> and contingently ethical single points of failure is a bug.
>
> This should all be *obvious*. There is no other side to the story
> here. Let's all move on and agree to investigate fixes for the
> systemic bug that is DNS.

I knew it was a bad idea to jump into this one.

I do understand DNS. Both the acronym and the implementation. That comes from working with Internet technologies since before ISPs existed. I won't get into the "my [knob] knowledge is bigger than your [knob] knowledge" - we're all bigger than that here.

The reality is that a number of ISPs run their own servers from which their users get the DNS information - sure, their source information comes from elsewhere. By using a different server provided by a third party, a user can bypass a DNS restriction applied by their ISP. The distributed nature of Internet protocols and services is what is providing these Turkish guys' freedom of speech. However the technologies work, the reality is that these guys were faced with a restriction of their freedom by their government (however naïvely applied), a solution was found (however technically difficult) and twitterers were back doing what their government didn't want them to do (even with a bit of help from their favourite search engine or techie friend). I'm not sure how that isn't a success story for DNS frankly.

Martin
-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq