With stories in the tech news about a recently discovered DNS flaw that allows malicious parties to redirect even properly-typed-in URLs to spoof sites’ IP addresses, I got curious about this OpenDNS I keep hearing about. Supposedly it’s faster and also blocks phishing sites, has patched the DNS flaw, has 100% uptime, and allows configuration for blocking other categories of sites as well.
If the terms DNS, IP address, URL, and phishing have you confused, I’ll give you a quick explanation of at least my basic understanding of them. If you have a cell phone, it’s very likely, you store your friends’ and family’s phone numbers in there, but you don’t browse by phone number—you browse by name. If you see Aunt Myrtle and call her, your phone has a translation for itself that says “Aunt Myrtle is really 212-867-5309.” That’s basically how DNS and IP addresses work, too. When you want to go to Google, you type www.google.com (the URL) in the address bar of Firefox, Opera, Safari, or Internet Explorer; you don’t type 220.127.116.11 (the IP address). The DNS server translates the URL to the IP address. If there’s an exploitable flaw in the DNS server, the people exploiting the flaw may be able to take the proper URL you typed in and point it to an improper IP address. In the analogy I gave before, it would be as if someone messed with your phone and made it so Aunt Myrtle really called 911 instead of 212-867-5309.
Well, I think I see a slight increase of speed, but maybe it’s just a placebo effect. I don’t know. I’m giving OpenDNS a go, and we’ll see if I can live with it hijacking my keyword URL search in Firefox. I know some people have privacy concerns, but really my privacy isn’t any more secure with my ISP’s DNS server than with OpenDNS’s DNS server.