Re: OpenDNS safer or not?

davidu wrote:


And if you use OpenDNS because you *want* this type of
protection, then it's with your consent.
It is within your consent if they add sites on their censorship list which
are not related to phishing at all, and this without your knowledge?

You have no idea what OpenDNS does.


I'd rather say this applies to you.

You have no idea that we give you full control over your DNS in a way you
never have before.

And you seem to have no idea how utterly bull*** this is. Not just wrt. to
what OpenDNS does (censorship that is not just limited to proclaimed
phishing hosts), but also how I'm running my very own DNS server (recent
BIND9 with some patches and a well-understood configuration).

Your comment is like claiming that a firewall is a security risk because
it causes Denial of Service when it prevents you from accessing certain
sites or using some applications.
It is. A firewall shouldn't do such a thing.

Wow. That's exactly what a firewall does.


No, this is not even remotely what a firewall does.

It presents a barrier based on specified rules.

And the rules are supposed to implement to filter out everything you don't
want to work. If it blocks something that is supposed to work, the firewall
is obviously misconfigured.

And firewalls can and often do work at all layers of the OSI stack.

You may or may not notice that there are various differences between the
internet protocol stack and the OSI model.
.