Any organization called “blah blah shield” is telling you that it’s a piece of shit organization
trust us! our logos are blue and our salespeople are bald and/or buff. lol ya
Can someone considerably smarter than me, with time to spare, please just find a way to federate/decentralize DNS.
I can fathom that it is complicated, maybe even impossible in the current setup, but the internet we all grew to love dies a little bit more each time the mouth breathers try to restrict it on behalf of capitalism.
Maybe remembering ip addresses can fill the void of not having to remember phone numbers anymore?
Even remembering IP addresses isn’t a great because services can change IP addresses at any point.
As others have mentioned DNS, by its design, is decentralized…to a point. If you run your own DNS, you can’t be an authority to .com addresses for example. Even that sentence has caveats.
Generally speaking you can run your own DNS that uses root DNS servers. MPAA and others have attempted to get those servers to stop pirate domains from being resolvable but they’ve essentially said “fuck off”.
IMO, that’s going to be the last battleground, at which point pirating will have no choice but to move to tor and/or to I2P.
https://en.wikipedia.org/wiki/Domain_Name_System
The Domain Name System (DNS) is a hierarchical and distributed name service
Already is. Run your own.
I mean, as far as I know, DNS is decentralized. Anyone can host their own DNS server, or change which server their network/device uses. Google’s is just very commonly used because 8.8.8.8 is easy to remember, but there are thousands of others run by entities big and small, and there’s nothing stopping you from running your own (assuming you manage to get a hold of a static IPv4)
I’ve been using Google’s Public DNS for quite a while, should I switch to Cloudflare or NextDNS after reading OP’s post ?
This is the correct answer. The only thing I would add is some devices don’t allow changing the DNS IPs and are hard coded to 8.8.8.8 so Google blocking sites via DNS is still an issue. Of course you could intercept these requests, but with DNS over HTTPS becoming more popular, i would imagine that device manufactures will also start to do certificate pinning as well to prevent people from using their own DNS server.
HTTPS becoming more popular, i would imagine that device manufactures will also start to do certificate pinning as well to prevent people from using their own DNS server.
Why? Just BC fuck plebs?
why is everything getting worse
the answer is always money.
The answer is always DRM and monetization. If you didn’t have enough reasons to not buy products with locked down software, here’s even more reasons.
You are 100% correct. The issue isn’t the infrastructure per se, but the usage of it.
By decentralizing, I guess I mean finding a way to remove the ability for a mega company like Google from being able to dominate the playfield.
The percentage of internet users that can or will bother to run their own DNS is way too low.
How easily DNS can be manipulated by any network for the average end user is the blessing and the curse it seems.
Do I need a static ip if I plan to only use it locally from my home network?
What I suggest/have done:
-
Rent a cheap VPS in a non-five eyes country that comes with a static ipv4.
-
SSH on random port with certificate auth only. No root, no password auth.
-
setup WireGuard server with random port.
-
firewall block all incoming except ssh and WireGuard port at first.
-
set home server to connect via wireguard as sole client to VPS.
-
individually add any ports you want to go to the home server from the internet as NAT forwarded ports. Basically WWW -> VPS -> Home.
-
have a separate WireGuard VPN for outgoing from the home server.
-
profit?
But it’s crazy complicated. At least it was for me. Not for the faint hearted imo.
-
The box on which the dns server runs will need a static internal IP address.
If you’re only going to use it from within your own LAN, then no, you don’t need a static public address
Can also set up ipv6 dns, those always static.
You would think…
This reminded me of namecoin which is a block chain based DNS.
Thanks for this! I’ll read up on it.
The name unfortunately put me off from looking into it before. Basically anything with ‘coin’ in it just makes my brain go to crypto scam automatically these days I think.
Does this affect self hosting with the arr suite?
Find one close to you, find one that isn’t run by a trash company. Find a few more and set them up as your upstream. Use them.
If you’re using Google for DNS and/or not using a VPN, yes.
