Google strives to make Public DNS secure

Google introduced Google Public DNS to offer an alternative DNS system and hopefully speed things up on the Web

In an effort to enhance the Web experience and speed things up for users, Google is getting into the DNS business. DNS has privacy and security implications, though, that Google has to take into consideration in providing this service.

I will let my PC World peer David Coursey explain DNS: " DNS is an Internet protocol that acts as both telephone directory and switchboard. It provides for the translation of a URL, such as http://www.pcworld.com/, into the IP address of the server that hosts the site."

Privacy is a concern with virtually everything Google touches. The very nature of many of Google's core offerings is based on cataloging and indexing every possible detail about everything. To provide the best search results, it has to create the most comprehensive site index. To provide the most detailed maps, it has to painstakingly catalog every street in the world. Sometimes the goal of providing information oversteps the privacy boundary.

The privacy concern with Google Public DNS though is more about the Big Brother status that Google achieves by acting as the DNS resolver to the world. With recent purchases like AdMob and Teracent, Google is aggressively expanding its advertising footprint. The ability to monitor and capture detailed Web data from the DNS traffic could be a goldmine for Google.

David Ulevitch, founder of OpenDNS, challenges Google's altruism in his blog post: "Google claims that this service is better because it has no ads or redirection. But you have to remember they are also the largest advertising and redirection company on the Internet. To think that Google's DNS service is for the benefit of the Internet would be naive."

Privacy issues aside, DNS also comes with some inherent security concerns. The Google Code Blog acknowledged the security implications of DNS in the post announcing Google Public DNS. "DNS is vulnerable to spoofing attacks that can poison the cache of a nameserver and can route all its users to a malicious website."

There have been a number of issues discovered with DNS and attacks that exploit weaknesses in DNS in recent years. It was designed in a Utopian era before Internet or Web security were issues. DNSSEC has been developed as a next-generation, more secure implementation of DNS, but it is not yet part of the mainstream.

Google is aware of the security flaws with DNS though and has taken steps to protect against them. "Until new protocols like DNSSEC get widely adopted, resolvers need to take additional measures to keep their caches secure. Google Public DNS makes it more difficult for attackers to spoof valid responses by randomizing the case of query names and including additional data in its DNS messages."

DNS cache poisoning can be a very effective exploit if successful, and Google Public DNS will provide a very tempting target. The steps Google has taken are a good interim action while we wait for the widespread adoption of DNSSEC.

These measures don't address the Big Brother privacy concerns, but that is a whole different battle that Google will have to fight probably as long as it is in the business of indexing the world and providing targeted advertising.

Tony Bradley tweets as @PCSecurityNews, and can be contacted at his Facebook page .

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Google Public DNSGoogle

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tony Bradley

PC World (US online)
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?