Re: [GTALUG] CIRA officially launches free DNS firewall for consumers | IT World Canada News
On 4/28/20 1:10 AM, ac via talk wrote:
On Mon., Apr. 27, 2020, 09:08 James Knott via talk, <talk@gtalug.org> wrote:
I came across this today: https://www.itworldcanada.com/article/cira-officially-launches-free-dns-fire... https://www.cira.ca/cybersecurity-services/canadian-shield/configure so... no opinions... no comments... no discussion... just posting
On Mon, 27 Apr 2020 12:31:50 -0400 Gordon Chillcott via talk <talk@gtalug.org> wrote: links, multiple times, or doing marketing now, we are? Ouch.
my not so humble opinion is that dns over https is very evil, even if done under the guise of "privacy" or "protection/nanny" or "to protect us" or under any other logic or reasoning. DNS over https is not in and of itself evil. If it is used as a way to implement surveillance capitalism then it becomes evil. I rather liked the quote from the CIRA CTO “As a non-profit with no interest in monetizing user data we were able to bring together a group of great partners who are committed to protecting Canadians online–including the first-ever national deployment of DNS over HTTPS globally,” The only thing missing was the " yet " after the words "no interest". Somewhere down the line CIRA will likely face a fiscal problem and suddenly there will be value in that user data that cannot be passed up.
How about DNS over TOR?
my further opinions are that any "nanny" type "free" service where someone else decides what and where i may or may not go or what i may or may not see, needs to be either well regulated/controlled/open/published/etc or simply not be accepted...
Sometimes nannies are good things. People without the wherewithal or interest in managing their own security likely are in need of a nanny.
anyway, i am probably a minority as i also do not like/use/support very popular and world dominating services such as 'whatsapp' and i do not tweet or post photos of my food on insta and i have zero tiktok vids
I have a feeling your take is not a minority on this list.
so i guess ymmv,
Andre
--- Post to this mailing list talk@gtalug.org Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk
-- Alvin Starr || land: (647)478-6285 Netvel Inc. || Cell: (416)806-0133 alvin@netvel.net ||
On Tue, 28 Apr 2020 08:13:11 -0400 Alvin Starr <alvin@netvel.net> wrote: <snip so many cool things around here somewhere>
How about DNS over TOR?
as usual, LOVE the way you think :) How about just plain old DNSSEC? (instead of a nanny) - yay, IT Works! - and is so mature already...(without all the risks of having/using a nanny) and using connectivity providers (instead of third parties and dns over https) -- for caching/recursive, like Bell (Bell CA actually does not track/record/monetise their users DNS querries afaik) Problems all solved?
my further opinions are that any "nanny" type "free" service where someone else decides what and where i may or may not go or what i may or may not see, needs to be either well regulated/controlled/open/published/etc or simply not be accepted...
Sometimes nannies are good things.
yes, nannies are 'sometimes' good things, but for some people BAD nannies are sometimes even better :)
People without the wherewithal or interest in managing their own security likely are in need of a nanny.
again, dnssec already protects users, it just needs wider adoption, which is the issue.. .as for "shared" domains like outlook.com - abuse management costs will increase? - which is probably why dnssec has never caught on, it is not "sexy" (like some nannies...)
anyway, i am probably a minority as i also do not like/use/support very popular and world dominating services such as 'whatsapp' and i do not tweet or post photos of my food on insta and i have zero tiktok vids
I have a feeling your take is not a minority on this list.
ooh, warm & fuzzies to you too, I have a home *sigh* :)
participants (2)
-
ac -
Alvin Starr