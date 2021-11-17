from the promise-we-won't-peek dept.
The Global Cyber Alliance has given the world a new free Domain Name Service resolver, and advanced it as offering unusually strong security and privacy features.
The Quad9 DNS service, at 9.9.9.9, not only turns URIs into IP addresses, but also checks them against IBM X-Force's threat intelligence database. Those checks protect agains landing on any of the 40 billion evil sites and images X-Force has found to be dangerous.
The Alliance (GCA) was co-founded by the City of London Police, the District Attorney of New York County and the Center for Internet Security and styled itself "an international, cross-sector effort designed to confront, address, and prevent malicious cyber activity."
[...] The organisation promised that records of user lookups would not be put out to pasture in data farms: "Information about the websites consumers visit, where they live and what device they use are often captured by some DNS services and used for marketing or other purposes", it said. Quad9 won't "store, correlate, or otherwise leverage" personal information.
[...] If you're one of the lucky few whose ISP offers IPv6, there's a Quad9 resolver for you at 2620:fe::fe (the PCH public resolver).
https://www.theregister.co.uk/2017/11/20/quad9_secure_private_dns_resolver/
takyon: Do you want to give the City of London Police control of your DNS?
http://torrentfreak.com/torrent-domain-suspensions-damage-credibility-registrar-says-140617/
When the police coerce registrars to suspend domain names there are a series of damaging knock-on effects, Iceland's top domain registry says. ISNIC says that it's difficult to repair the kind of damage suspensions cause to the credibility of top-level domains, something that could be avoided through better understanding of Internet functionality.
Private law firms will be hired by police to pursue criminal suspects for profit, under a radical new scheme to target cyber criminals and fraudsters.
In a pilot project by the City of London police, the lead force on fraud in England and Wales, officers will pass details of suspects and cases to law firms, which will use civil courts to seize the money.
The force says the scheme is a way of more effectively tackling fraud – which is now the biggest type of crime, estimated to cost £193bn a year. It is overwhelming police and the criminal justice system.
Under the shakeup being piloted, a law firm will pursue the suspect in the civil courts before any conviction and possibly even without a criminal charge. The burden of proof is lower in civil courts, and they will only have to show that the suspect stole the money on the balance of probabilities.
[...] Katie Wheatley, joint head of criminal law at Bindmans, a London law firm, expressed unease over the proposals, which she said gave police "what they would regard as an easy deterrent, without having the inconvenience of proving an offence to a criminal standard".
[...] A working group to oversee the experiment has been set up by the City of London police, officers from the National Crime Agency, and Metropolitan police, and law and private investigation firms.
takyon: The City of London is a small county within Greater London, run by the City of London Corporation. It is well known for being a centre of
evil finance.
(Score: 2) by WizardFusion on Tuesday November 21, @01:13PM (2 children)
I am already blocking over 950,000 domain using a Pi-Hole install.
It covers almost everything I need
(Score: 0) by Anonymous Coward on Tuesday November 21, @01:16PM (1 child)
One doesn't need a DNS as such [stackexchange.com]
(Score: 2) by ledow on Tuesday November 21, @01:20PM
Yup.
And I think if DNSSec etc. drag their feet for much longer (might be "there", but it's certainly nowhere near mainstream) then something like a DHT DNS will pop up in its stead.
I can only think that's a good thing. Maybe then all the price-gouging TLDs will stop, and you will be able to have control of your DNS records without having to run a bucket of nameservers.
But until then, DNS has a long life ahead of it, I think.
And another public DNS server that's easy to remember isn't a bad thing. Whether or not you care about snooping.
(Score: 2) by The Mighty Buzzard on Tuesday November 21, @01:17PM
Am I the only one who sees this as a Bad Thing? I mean, isn't this exactly what we bitched about breaking DNSSEC during the whole SOPA mess?
Save Ferris!
(Score: 0) by Anonymous Coward on Tuesday November 21, @01:25PM
DNS does not turn URIs into IP addresses. It turns hostnames into IP addresses.
They promised? Unless they make that promise legally binding, it can be safely ignored.
