Please do not Cc me personally on your reply.
Am Donnerstag, 2. April 2015, 20:30:23 schrieb T.J. Duchene:
> > Where i come from ISP's dynamic IP lease times are *very* long, you
> > need to reboot the home router to get a new IP and even then you may
> > get the same IP. It's not that dynamic, at all. Add that with data
> > your browser provides, your *.google.com in|direct usage, etc... it's
> > easy to correlate and monetize.
>
> [T.J. ] Hi, Nuno!
>
> I used to work for multiple ISPs, and I can tell you a few things for
> what little they are worth. The source and destination IPs are tagged
> on each packet sent over Internet. If you are tracking someone from a
> browser, which is a higher level protocol than DNS, you have no need to
> correlate DNS calls. Worrying about providers logging DNS traffic is a
> fairly pointless time waster.
T.J. in using 8.8.8.8 as DNS server Google gets all the DNS queries. The
DNS server thus gets all the domains my client requests. With HTTP only
the server who I access and all the references URLs from the websites,
unless using something like the combination of Privoxy and Request Policy
iceweasel plugin, gets to know this information.
Having a default DNS thus means that the data is *centralized*.
If everyone uses their own providers DNS, it is spread around.
I think this makes a huge difference. I think Google is dangerous, cause
they are too big. They collect too much data.
The more user data you have, the people who want to use that user data for
legitimate or especially illegitimate purpose have a reason to try to get
that data from you. And also the more reason the data collector itself,
i.e. Google in that case, has to use that data.
That said, the fallback DNS is only used if no other DNS is configured.
Which IMHO is quite unusually.
Still: I see no point in having a default DNS. No point whatsoever. If at
all it should be opt-in, rather than opt-out.
On installation Debian asks network data. On DHCP it gets DNS. If on the
router DNS is not configured, then make that *visible* instead of hiding it
behind a default that may even harm network latency cause the local DNS
server may have lower latency than the default one.
I think the failback DNS case is a nice case for how just cause its in
systemd doesn´t mean it is right for everyone. And I think thats exactly
the issue with systemd upstream developers. Often they claim to have it
right for everyone or the majority. And often they seem to use a similar
kind of argumentation in calling the ones giving feedback as being such
and such.
Just cause someone doesn´t like google DNS as a default doesn´t mean he or
she is paranoid. So please stay away from personal attacks.
Thank you,
--
Martin 'Helios' Steigerwald -
http://www.Lichtvoll.de
GPG: 03B0 0D6C 0040 0710 4AFA B82F 991B EAAC A599 84C7