From: "Antti Kurenniemi" 

I wonder how much the speed gain really means to a Joe Average - isn't the
DNS lookup only a very small amount of data? Granted, I don't know much
about this, but seems to me like it probably won't make much difference one
way or another.


Antti Kurenniemi

"Mike N."  wrote in message
news:3m4vb2566it4659527h2h5kfii2fv2ou3v{at}4ax.com...
> On Wed, 19 Jul 2006 23:15:13 -0400, "John Beamish"

> wrote:
>
>>http://www.techcrunch.com/2006/07/18/opendns-wants-to-watch-the-web-for-you
>>
>>OpenDNS is a new start up that wants users to redirect web traffic through
>>its DNS nameservers, where an unusually large cache and an aggregated list
>>of sites deemed guilty of phishing will make our web surfing faster and
>>safer. It's free and as simple as changing your DNS address from your ISP
>>and to OpenDNS, but a number of serious concerns about the service have
>>already been raised.
>
>   Nearly all the criticism has no merit.
>
>  SiteAdvisor - a completely different service.   It makes no attempt to
> identify phishing sites.  OpenDNS could establish links from CastleCops,
> SpamCop, etc to get a hot list of phishing URLs.   Although admittedly,
> phishers could scale this to the level of Spam - 10,000 domains at a spam
> run spread over a million trojan'ed hosts.
>
>  Some variation of 'it corrupts the DNS space'.   True, but if you know
> enough to know why it corrupts the DNS space, you don't need it.   Useage
> is voluntary, which makes it OK.
>
>   'The person who needs to use it doesn't know what DNS is'.   True, and
> OpenDNS will reach critical mass only if assigned by ISPs to their users.
> The user shouldn't need to be aware of it.
>
>  'OpenDNS won't be much faster.'   Here is one area where everyone is
> short on facts.  Normally, the ISP with a well-run DNS server will always
> be faster because there are fewer hops to reach the DNS.   However, there
> are scattered reports of slow DNS servers on some cable ISPs.    It's not
> easy to measure the effects of the DNS server on web browsing by watching
> the browser status bar because of all the levels of caching involved. The
> only way to characterize DNS is to compare DNS servers directly under a
> variety of conditions and over a span of time.   Hopefully OpenDNS will do
> this because it's a good sales tool if they're really faster.
>
>   My opinion: a centralized DNS server is a tempting Pharming target.
> Imagine getting www.bankofamerica.com to point to your Phishing server.
> That is the biggest danger.    But OpenDNS servers won't be any more
> vulnerable to Pharming than a megaprovider such as Comcast / Verizon /
> Earthlink etc, assuming that both are running the latest version of DNS
> and
> properly secured.

--- BBBS/NT v4.01 Flag-5