Google strives to make Public DNS secure

Google introduced Google Public DNS to offer an alternative DNS system and hopefully speed things up on the Web

In an effort to enhance the Web experience and speed things up for users, Google is getting into the DNS business. DNS has privacy and security implications, though, that Google has to take into consideration in providing this service.

I will let my PC World peer David Coursey explain DNS: " DNS is an Internet protocol that acts as both telephone directory and switchboard. It provides for the translation of a URL, such as http://www.pcworld.com/, into the IP address of the server that hosts the site."

Privacy is a concern with virtually everything Google touches. The very nature of many of Google's core offerings is based on cataloging and indexing every possible detail about everything. To provide the best search results, it has to create the most comprehensive site index. To provide the most detailed maps, it has to painstakingly catalog every street in the world. Sometimes the goal of providing information oversteps the privacy boundary.

The privacy concern with Google Public DNS though is more about the Big Brother status that Google achieves by acting as the DNS resolver to the world. With recent purchases like AdMob and Teracent, Google is aggressively expanding its advertising footprint. The ability to monitor and capture detailed Web data from the DNS traffic could be a goldmine for Google.

David Ulevitch, founder of OpenDNS, challenges Google's altruism in his blog post: "Google claims that this service is better because it has no ads or redirection. But you have to remember they are also the largest advertising and redirection company on the Internet. To think that Google's DNS service is for the benefit of the Internet would be naive."

Privacy issues aside, DNS also comes with some inherent security concerns. The Google Code Blog acknowledged the security implications of DNS in the post announcing Google Public DNS. "DNS is vulnerable to spoofing attacks that can poison the cache of a nameserver and can route all its users to a malicious website."

There have been a number of issues discovered with DNS and attacks that exploit weaknesses in DNS in recent years. It was designed in a Utopian era before Internet or Web security were issues. DNSSEC has been developed as a next-generation, more secure implementation of DNS, but it is not yet part of the mainstream.

Google is aware of the security flaws with DNS though and has taken steps to protect against them. "Until new protocols like DNSSEC get widely adopted, resolvers need to take additional measures to keep their caches secure. Google Public DNS makes it more difficult for attackers to spoof valid responses by randomizing the case of query names and including additional data in its DNS messages."

DNS cache poisoning can be a very effective exploit if successful, and Google Public DNS will provide a very tempting target. The steps Google has taken are a good interim action while we wait for the widespread adoption of DNSSEC.

These measures don't address the Big Brother privacy concerns, but that is a whole different battle that Google will have to fight probably as long as it is in the business of indexing the world and providing targeted advertising.

Tony Bradley tweets as @PCSecurityNews, and can be contacted at his Facebook page .

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags GoogleGoogle Public DNS

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tony Bradley

PC World (US online)
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?