Illusory Follies Andrew Flanagan's Blog

3Dec/090

Google Public DNS

network wiringGoogle today announced that they're providing a high-performance public DNS server. This sounds like a great idea from a performance perspective ... I've not had too many complaints with my DNS servers provided by Comcast but I've definitely had some issues at my work with slow/non-responsive DNS servers.

However, I suppose this is just one more thing that can go wrong. Now there's one BIG target to attack and if someone happens to poison the cache, we're all in a world of hurt.

I do plan on updating my home router though to start using this. I'll post a follow-up with my review.

From: Official Google Blog: Introducing Google Public DNS.

Update: They're definitely taking security very seriously. Some more info can be found here that's quite helpful.

Tagged as: , , No Comments
6Dec/075

Google: Ad me!

I just moved all my archived email going back to 1998 (when I really first started saving emails) into my Gmail account. There are probably two standard ways of responding to this:

1) Cool

2) Oh knows! Google can read all your private emails now!

I happen to be one of those people that actually take private property rights seriously and am concerned about privacy laws and so on. However, in this circumstance to those who hate the idea of storing email on Google's servers I can only respond by saying that I:

1) ...Have nothing that's too "secret" in my email. It's mostly boring stuff to others and interesting because it documents aspects of my life which flood me with memories that go way beyond the words and paragraphs of the emails themselves. I'm sure there are things in my emails that would be embarrassing if they were revealed but I should be able to live up to the mistakes I've made and the bad things I've said and been party to.

2) ...Realize that if the Feds want my email, I think they'll find a way to get it. I don't appreciate their nosiness but I don't think that Google is going to let Joe Shmoe into my email account or simply offer my email records to the Feds. I could be wrong, but then again, I could accidentally lose a hard drive that had a copy of the same emails and run into the same problem.

3) ...Think that instead of the common response of "don't let anyone online know anything about you", that I should attempt to embrace (ahh, the warmth) the future of broad information sharing with the full realization that everything that's out there including my blog, my resume, my family photos, my emails, my forums entries, etc. are potentially available for exploitation. What does this mean? It means that if you have secrets, stop recording them! If you must record them, encrypt them using a non-trivial encryption method and at some level, protect it with information that is (again) NOT RECORDED anywhere but in your brain.

The reason I make point 3 is that so many people I know are totally paranoid about the Internet and the potential for identify theft and other things. However, they don't live their life day-to-day in the knowledge that much of their information is in fact still leaking out and becoming available (dumpster diving, data theft and loss at financial companies, disgruntled -- heck, even gruntled employees stealing information). If it's leaking anyway and we must (or at least MOST of us must) rely on things like imperfect financial institutions and garbage companies then it's silly to pretend that you're protected. Instead, I think the better approach is to be aware that in the "digital age" information is incredibly easy to collect, extract, and decrypt. Put price tags on information (like your bank passwords) and be aware of policies that your bank has with regards to "insuring" you against loss should your account be compromised. Stop thinking it won't happen but start thinking about ways that it CAN happen and your life can still go on. People put far too much faith in things like SSL (for secure online transactions). Don't think that it can't be broken or that the NSA doesn't have a dedicated real-time SSL decryption method for something like that. Never believe it when people tell you that something is "unhackable".

I've heard people tell me about how posting pictures of your kids on the Internet could result in them being Photoshop'ed by child pornographers. I don't really know how to respond to this... It just seems a little silly. Of course they could -- but why does this matter to me? For that matter, how would I find out...??!? There's always a risk of having people find your personal information (like your address) but I just don't understand the obsession about trying to hide it. It's available! It's out there already! If you have a secret that no one else knows (at all) then maybe you should keep it "off the grid". But for things like your name, address, email, phone, etc. live with the realization that it's not private anymore. If you want it to be private, prepare to not use them for anything.

If you need anonymity, there are certainly some good ways of covering your tracks. However, the difficulty in doing this even one time is high -- I think it's likely impossible to do this routinely and still effectively communicate. If you're reading this post, you've left some trace of your presence. Yes, you might be using a proxy, but you left a trace at the proxy also. If you've accessed it via a proxy from a coffee shop,well, you've left a trace on the security camera there. It never really provides total anonymity -- it just makes it difficult and expensive to find you. Don't get me wrong, I think it's excellent that people develop attempts at anonymity on the Internet (like Tor) but it's not providing TOTAL anonymity any more than a password will ever provide TOTAL security. If all your doing is attempting to stop marketers from bombarding you with ads or targeted marketing, then great. I do the same (often, but not always).

So, that all said, I guess my philosophy could be summed up by saying that I'd rather wait up for trouble, ready to deal with it than fall asleep thinking that I'm safe. If it's worth securing, realize that you'll have to fight hard to keep it secure and that trivial things like emails are probably not worth the effort.