

WilTarbuckle

@waltersgolf.com WilTarbuckle Anon Mac Only? Surprising...



vpoko

Premium Member

join:2003-07-03

Boston, MA 1 recommendation vpoko Premium Member Usefulness I can see how this would be useful to prevent a fake IP address from being returned by someone in the position to pull off a man-in-the-middle attack (e.g., hotspot operator). But it won't prevent that party from knowing which sites you're visiting, since they can reverse-DNS the domain name from the IP address, which they will have when you access the site (even if over SSL).



FFH5

Premium Member

join:2002-03-03

Tavistock NJ 1 edit FFH5 Premium Member Will only work on Mac computer for now If you read the OpenDNS web site you will see the DNSCrypt software will only work on Mac computers for now. Windows later. And other devices like tablets and smartphones - who knows when.



Noah Vail

Oh God please no.

Premium Member

join:2004-12-10

SouthAmerica 1 edit Noah Vail Premium Member Mixed Bag



and



I've sniffed WAN side DNS traffic. There's a lot of information for that location - but not which user is generating it.



It's less clear who would get the sort of access it would take to capture those packets.



edit - re: vpoko

It's a good point.



NV I see another utility to consume user resources. At least the user knows what this one is doing.andI've sniffed WAN side DNS traffic. There's a lot of information for that location - but not which user is generating it.It's less clear who would get the sort of access it would take to capture those packets.edit - re: vpoko 's post... I wasn't considering mobile users.It's a good point.NV



treich

join:2006-12-12 treich Member Its only for mac for right now Per the website its only available for mac's for right now.



cableties

Premium Member

join:2005-01-27 cableties Premium Member Sadly?



So its for the mac "at this moment". SO!

It will be out for the PC soon.



Besides, how many Mac users ACTUALLY use OpenDNS and are looking for encrypted.... hey... hmmmm... I have a mac... Keep your panties on there, karl!So its for the mac "at this moment". SO!It will be out for the PC soon.Besides, how many Mac users ACTUALLY use OpenDNS and are looking for encrypted.... hey... hmmmm... I have a mac...



nwrickert

Mod

join:2004-09-04

Geneva, IL 204.2 193.1

·Metronet

·AT&T U-Verse

nwrickert Mod What's the point? DNSSEC protects your security with the use of digital signature that can ensure that you have the correct DNS results.



DNSCrypt seems to do little more than encrypt the transmission of data that is already in the public domain.



I guess this helps OpenDNS gain a monopoly on the sale of your browsing habits for profit.



vpoko

Premium Member

join:2003-07-03

Boston, MA vpoko Premium Member Re: What's the point? Are you sure that's how DNSCrypt works? I'm not asking to argue, I'm really not sure.



Public key encryption can be used in few ways. If OpenDNS encrypts the data using a public key that you generate, and you decrypt it with your private key, that encrypts the data but doesn't confirm authenticity (because anyone could have used your public key to encrypt data).



On the other hand, if they use a private key that they generated to encrypt the data they send, and you use the corresponding public key to decrypt it, it doesn't protect the data (since anyone has the public key to decrypt it) but it dues authenticate it since only the possessor of the private key could have generated that cyphertext.



I'm not sure how OpenDNS' system works, but I would hope it's the latter.



nwrickert

Mod

join:2004-09-04

Geneva, IL 204.2 193.1

·Metronet

·AT&T U-Verse

nwrickert Mod Re: What's the point? said by vpoko: Are you sure that's how DNSCrypt works? I'm not asking to argue, I'm really not sure.





At best, that can protect traffic between you and openDNS. However, openDNS is not an authoritative supplier of DNS data. If you use DNSSEC, then you are checking the authentication signature from the authoritative originator of the data. I am crudely assuming that the encrypted channel between you and openDNS is perfect.At best, that can protect traffic between you and openDNS. However, openDNS is not an authoritative supplier of DNS data. If you use DNSSEC, then you are checking the authentication signature from the authoritative originator of the data.

GraysonPeddi

Grayson Peddie

join:2010-06-28

Tallahassee, FL Ubiquiti EdgeRouter PoE

Ubiquiti UniFi AP-AC

GraysonPeddi to nwrickert

Member to nwrickert

options {}; section, am I right?



»dnssec.surfnet.nl/?p=402



I am using Debian Sid+Experimental. So since I use BIND9 as a DNS Server and resolver (no forwarders in my DNS server), all I have to do is enable DNSSEC in thesection, am I right?I am using Debian Sid+Experimental.



dvd536

as Mr. Pink as they come

Premium Member

join:2001-04-27

Phoenix, AZ dvd536 to nwrickert

Premium Member to nwrickert

said by nwrickert: I guess this helps OpenDNS gain a monopoly on the sale of your browsing habits for profit.

ding ding ding. we have a winner!



Sircolby450

join:2005-11-26 Sircolby450 to nwrickert

Member to nwrickert

said by nwrickert: I guess this helps OpenDNS gain a monopoly on the sale of your browsing habits for profit.

Now you know why they released it for Macs first. Aim for the most gullible first. Hey guys look at this. It will make you more "secure" than everybody else. You must have it!



JigglyWiggly

join:2009-07-12

Pleasanton, CA JigglyWiggly Member Re: What's the point? mac only? How odd.



cork1958

Cork

Premium Member

join:2000-02-26 cork1958 Premium Member Re: What's the point? said by JigglyWiggly: mac only? How odd.

said by Sircolby450: said by nwrickert: I guess this helps OpenDNS gain a monopoly on the sale of your browsing habits for profit.



Now you know why they released it for Macs first. Aim for the most gullible first. Hey guys look at this. It will make you more "secure" than everybody else. You must have it!

That's the reason why. I'll just stick with my own DNS servers, if you don't mind. Don't like OpenDNS anyway. Exactly what I thought. Why in the world would they make it for Mac only, first?Yep,That's the reason why. I'll just stick with my own DNS servers, if you don't mind. Don't like OpenDNS anyway.



Noah Vail

Oh God please no.

Premium Member

join:2004-12-10

SouthAmerica Noah Vail Premium Member Re: What's the point? said by cork1958: I'll just stick with my own DNS servers, if you don't mind. Don't like OpenDNS anyway.



NV Me too. Unbound employs DNSSEC natively, it's all I install anymore.NV



sykl0ps

Premium Member

join:2011-06-23

Archer, FL sykl0ps to JigglyWiggly

Premium Member to JigglyWiggly

Seems like an interesting way to do a limited beta test to me. Only mac while they see how their servers respond, if all is well, let loose the windows version.