posted by Thom Holwerda on Thu 3rd Dec 2009 22:58 UTC
IconGoogle has just launched its very own public Domain Name System resolver, with which the company hopes to speed up internet traffic. The search giant claims its DNS is more secure (through protection against cache poisoning attacks) and faster than others.

I'm sure most of you are aware of what the Domain Name System does. When you type in a web address, you expect to be taken to said web address. DNS takes care of that for you by converting the address you typed in into its numerical variant, the IP address, making sure you actually get to the page you typed in.

Google claims that its DNS service is faster than others. "In addition to load-balancing user traffic to ensure shared caching, Google Public DNS implements 'smart' caching to increase the speed of responses," the company states, "Google Public DNS independently resolves domain names and keeps the resolutions in the cache until their time-to-live expires, at which point they are automatically refreshed. The cycle of caching and refreshing is performed offline, asynchronously with user requests, so that responses are almost always available directly from cache."

When it comes to security, Google is trying hard to prevent cache poison attacks. "Google has implemented several recommended solutions to help guarantee the authenticity of the responses it receives from other nameservers, and to ensure our servers are not used for launching DoS attacks," Google explains, "These include adding entropy to requests, rate-limiting client traffic, and more."

"The average Internet user ends up performing hundreds of DNS lookups each day, and some complex pages require multiple DNS lookups before they start loading. This can slow down the browsing experience," explains Prem Ramaswami, product manager at Google, "Our research has shown that speed matters to Internet users, so over the past several months our engineers have been working to make improvements to our public DNS resolver to make users' web-surfing experiences faster, safer and more reliable."

Google has put together a document detailing the configuration instructions for Google Public DNS for Windows, Mac OS X, Linux, routers, and other devices. Google warns that playing with these settings is for advanced users only, so be warned.

An obvious concern here is privacy. There seems to be nothing but good news. Google explicitly states that "Google Public DNS never blocks, filters, or redirects users". Good, but what about logging? The privacy policy for Google Public DNS is very reasonable, claims Lauren Weinstein, co-founder of PFIR (People For Internet Responsibility) and founder of the PRIVACY Forum.

"Google has obviously recognized the sensitivity of this issue," Weinstein writes, "Their separate privacy policy for the Google Public DNS strikes me as utterly reasonable, particularly given its very rapid (24-48 hours) deletion of what I would consider to be the key privacy-sensitive data."

If you're adventurous, feel free to try it out.

e p (4)    61 Comment(s)

Technology White Papers

See More