Google, Cloudflare, and Cisco must poison their DNS resolvers to prevent access to around 117 domains used by pirate sport streaming sites.

Run your own unbound or bind resolvers!

@Mikufan@ani.social
link
fedilink
English
136M

NextDNS flying under the radar like always.

Domi
link
fedilink
English
86M

Is it possible to get unbound to talk to the root servers via TLS/HTTPS by now?

I’m currently using Quad9 because they support DNS over TLS and DNS over HTTPS.

@NullGator@lemmy.ca
link
fedilink
English
56M

Yes its possible 👍

Use:

forward-zone:
  forward-addr: 9.9.9.9@853#dns.quad9.net
Domi
link
fedilink
English
36M

That is what I’m doing currently but now unbound doesn’t talk to the root servers anymore, it sends all queries to Quad9.

Both scenarios are not ideal because you always end up with one entity knowing all your queries.

@NullGator@lemmy.ca
link
fedilink
English
16M

Perhaps you could configure more than unbound service behind a loadbalancer. Each unbound instance is configured to use different upstream dns servers.

Double check if unbound doesn’t allow you to randomly hop between dns upstreams first, but the above solution should work if that’s unavailable atm.

@out@lemmynsfw.com
link
fedilink
English
16M

Not sure you would even need encryption. Surely It can’t be illegal to ask the root servers (and all the other DNS servers involved, because the root servers only have IPs for TLD DNS servers) for IPs

Domi
link
fedilink
English
36M

Not illegal but it leaves all your DNS lookups in plain text with your ISP, which just doesn’t sit right with me.

Not that the ISP in my country would care.

@NullGator@lemmy.ca
link
fedilink
English
16M

Also introduces the possibility of DNS poisoning

Saik0
link
fedilink
English
46M

I just want to point out the Technitium project as an alternative to unbound and bind resolver as well.

Regardless, it’s really easy to setup your own DNS resolver that resolves to DNS roots.

exu
link
fedilink
English
196M

Apparently Cisco operates a popular DNS resolver? Never heard of that before.

And definitely don’t learn how to use a VPN. Or set up Unbound or Bind or PowerDNS Recursive…

Cisco bought OpenDNS a few years ago,

k_rol
link
fedilink
English
76M

Ah crap, good to know. This sucks though, I was thinking of using it to replace CF. What’s left? Quad9 and the unbound type?

Venia Silente
link
fedilink
English
86M

ATM I’m using Quad9 and OpenNIC but I’m not sure how much of everything do they cover. I’m also not well aware of any other good “flat DNS” alternative (aka: one you can put right into your /etc/resolv.conf / Windows LAN config, without need of extra internal service).

@diy@sh.itjust.works
link
fedilink
English
1
edit-2
6M

Uncensoreddns is a great alternative.

Lee Duna
link
fedilink
English
106M

Cisco operates from the ISP side, they’ll poison DNS through their routers. And you should be aware that your ISP will employ Deep Packet Inspection which can also be done with Cisco routers. That means they can intercept internet traffic, especially if your internet connection is not encrypted.

exu
link
fedilink
English
76M

ISPs were already required to block the sites. I don’t think an additional block on the Cisco side would change anything in that case.

archomrade [he/him]
link
fedilink
English
26M

Guess ill be trying my hand at building my own pfsense router

swayevenly
link
fedilink
English
36M

deleted by creator

A French court has ordered Google, Cloudflare, and Cisco to poison their DNS resolvers…

Venia Silente
link
fedilink
English
556M

Never question the bravery of the French. They discovered snails are edible.

As for their intelligence on the other hand…

I’m glad it’s only the football streaming sites, but I don’t much like that companies get this kind of legal power.

Red
creator
link
fedilink
English
506M

Since OpenNIC resolvers are user-run, doesn’t that mean a bad actor could theoretically pop up at any time and log any request that goes through them?

@i_love_FFT@lemmy.ml
link
fedilink
English
76M

Opennic should be the default DNS of everybody!

ELI5 please. What are the benefits over unbound?

@i_love_FFT@lemmy.ml
link
fedilink
English
46M

I don’t know about unbound so I can’t really compare… OpenNic is not run by for-profit corporations, which I think is a good thing.

machinya [it/its, fae/faer]
link
fedilink
English
3
edit-2
6M

unbound is a software that you can run anywhere to have a caching dns. opennic is a project of dns servers you can connect to to resolve dns records (think in google dns servers but run by the community). two different problem spaces. you can even use both at the same time

@Doombot1@lemmy.one
link
fedilink
English
156M

ELI5…?

@Dave@lemmy.nz
link
fedilink
English
616M

DNS is when your browser asks where to find a website. You enter Lemmy.One in your browser, and your browser asks the DNS resolver the address of the computer the website is hosted on.

Most people will use their internet company’s DNS, and it sounds like France ordered these companies to block some illegal streaming sites by having the DNS server point to a page saying it’s blocked instead of to the website server.

More technical users changed their settings to get DNS from google, Cloudflare, etc instead of the internet company, so now France is going to make those companies block the sites too.

ELI5: France is lying to your computer when it asks where to find the websites

@Doombot1@lemmy.one
link
fedilink
English
86M

Thank you! That makes much more sense.

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
!piracy@lemmy.dbzer0.com
Create a post
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don’t request invites, trade, sell, or self-promote

3. Don’t request or link to specific pirated titles, including DMs

4. Don’t submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

  • 1 user online
  • 51 users / day
  • 265 users / week
  • 776 users / month
  • 3.17K users / 6 months
  • 1 subscriber
  • 3.58K Posts
  • 84.8K Comments
  • Modlog