This sounds so stupid. Why don’t they just ask all the ISPs to block the IP addresses?
Google DNS can suck it anyways. Who tf pirates but also can’t just install NextDNS.
The court is actually a clown town for pursuing DNS blocking instead of the CDN (Cloudflare). Is this just tech illiteracy at play?
A bunch of old folks who dont understand the technology they are trying to legislate.
Thankfully
Sports seems very agressive against piracy these days… :s I wonder whats the root cause of this crusade against IPTV and streaming services.
I would Imagine someone put a bandit sign offering jailbroken firesticks in front of the wrong office building and pissed off someone who can afford lawyers and lobbyists.
So, inb4 “just don’t use Google DNS”…
Fun fact, if you have an iPhone or an Android phone that is not rooted, you use DNS to block ads. I use uBlock Lite on my iPhone. On my Android phone, I actually don’t bother with DNS ad blocking. It’s a backup phone. But bet your ass my browser is Firefox and it has uBlock Origin on it. When I ran rooted Android, I used AdAway to keep my HOSTS file up to date. You can’t do that without root, though. At least AFAIK.
If you use Google apps on either platform, they use the Google DNS. This is normal, it’s even a fair play, really. The issue is when you’re on an iPhone and you use the Google (search) app. Even though you’re “just” searching, it’s tunneling around your ad blocker to insert ads on your device (or more specifically, to allow them through). Ads can carry ransomware and other malware (good luck executing it on an iPhone, but regardless, Google doesn’t care about your device, only their shareholders) so that’s obviously a problem. The solution is to search via Spotlight as
GodSteve Jobs intended; even if Google is your search engine (it is the default — on mine it’s DuckDuckGo), it will still use your ad blocking DNS if that is what you have set up.So yeah, definitely don’t use Google DNS, but be aware Google apps are using it. Fortunately most can be accessed via the browser. But your browser on either platform (as long as it is not Chrome) should be fine.
Degoogling your phone entirely can be a tough transition as they’ve embedded their services into so much of our life, but in my experience completely worthwhile.
When I ran rooted Android, I used AdAway to keep my HOSTS file up to date. You can’t do that without root, though. At least AFAIK.
you can, not with adaway but others like rethink dns that function as a VPN, without actually using a VPN provider.
when you do that, you can’t use any other VPN apps. though some (including rethink) have additional functions, like an outgoing firewall, wireguard, proxy support, …
though if your company requires a different VPN app… then get a company phone, probably.Android phones have had private DoT since a while. Just slap there your favorite adblocking DoT DNS address. As far I can tell from my logs, even system Google apps respect that.
Do you know what DoT means? I don’t.
DuckDuckGo says Department of Transportation, but I’m sure that’s not what you mean.
It’s a good rule of thumb to spell out an uncommon acronym — especially if you google it and it doesn’t return what you want it to mean.
It’s DNS over TLS.
DNS over TLS
I guess this is a good time to plug OpenNIC, the alternative DNS root https://opennic.org/
Hmm yes, I can now trust random people on the internet to provide me DNS and hope they are not logging my DNS lookups or feeding me poisoned DNS resolves.
what could go wrong
time to use public/private key-pairs to identify address owners, like yggdrasil-network does it for example, instead of antiquated centralized dns
Extant since 2012 and this is the first I have heard of them. Incredible!
This is badass. I use NextDNS. So if I switch to opennic, is there another domain filter that you recommend, or would the questionable domains be unavailable (google.com, Facebook.com, etc) anyways?
What is that? I’ve read most of the thing and I still don’t have a clue.
Most DNS systems just act as a cache for the “root” domain name servers controlled by ICANN, an American corporation.
This operates independently and adds their own, additional, top level domains.
That last part is what is catching my attention the most.
Does that mean that those domains can only be seen through their dns servers? Or just registered through them and everyone can see them?Looks like using any other dns only has down sides.
Yes it means those domains can only been resolved though their DNS servers.
If I understand correctly, root means that they are authoritative. They are effectively independent of the classical root DNS servers and provide custom top level domains (TLDs) such as
.geekwhich are not available in the regular DNS system. Non root DNS servers merely relay requests to root servers or other DNS servers and cache response records according to their time to live (TTL).It’s an open and democratic alternative DNS root.
Repeating the first line of text doesn’t help much. I’ve heard of DNS servers, but root? This is the first time. I’m trying to read about it and still can’t see the difference.
deleted by creator
Can someone ELI5 for the non tech savvy please?
Blocking a dns request is like removing a phonenumber from a phonebook. You can still call that number, you just need another phonebook to find it.
Let’s say you visit a new city for the first time, and you’re trying to find a place you heard of that gives away free toys. You know the name, but you don’t know where it is, so you ask the man in the information booth. France has ordered the man not to tell anyone where to find the place that gives away free toys.
DNS (Domain Name System) is a simple service that resolves a domain name (example.com) to its host (where the files are, e.g. 1.1.1.1). That’s just it, nothing more.
By default you use a DNS service by your ISP (Internet Service Provider). But you can choose from many free DNS services from around the world or even self host a DNS server.
CDN (Content Delivery Network) is a service which caches files for the website. Videos, images, files, etc. It can also hide the actual address of the domain by proxying data.
The French court asked google to stop resolving domains for users using google DNS, so it cannot connect to it’s host.
Google is arguing CDN services who know the actual address of these websites and redistribute files for these pirate sites should be better targets for the court than a DNS service.
I guess they’re saying DNS blocks can easily bypassed by the users and the pirates can buy a new domain making it ineffective.
