[hcs-d] Slow network?

Joshua Kroll kroll at cs.princeton.edu
Sat Dec 5 18:01:00 EST 2009


That's a good question. I can think of two reasons:

1. This is the best possible way for Google to get the data they've
never been able to get: a bird's-eye picture of web traffic that
/doesn't/ involve Google searches. Sure, they do a good job masking
personal information in their logs, but if you believe Latanya Sweeney,
just eliminating IP addresses doesn't really anonymize data. I'm very
happy to have my data secured by being spread across several
administratively unrelated caches, thank you very much.

2. This hurts anyone who tries to locate users by their DNS resolver,
a common trick in on-line geolocation used by CDNs. Sure, Google has
several anycasted servers responding to these queries around the
world, but if you read their discussion group you'll learn that many
parts of the world aren't well covered. Google doesn't build inside
other carriers' networks for the most part: they peer with many
networks instead. This masks both the physical location and carrier
network information from anyone who might receive a DNS query, but
gives it to Google (and they do claim to log it). You might think that
this doesn't sound terribly evil, but it effectively imposes a cost on
anyone but Google who wants to provide CDN services to users of Google
Public DNS, which will one day probably include Chrome users. That
sounds like it borders on anticompetitive to me. Google will have to
walk a fine line here to avoid doing something actually evil.

That said, it's nice to have a widely-available, easy-to-remember,
well-maintained, well-secured high-performance caching DNS service.
It's also possible that, since they're at least forwarding EDNS0 for
the moment, they might be able to get enough clout to force one
of the four million or so secure DNS proposals into reality. Despite
what Ivan may tell you, at least one of them has to be better than
what we have now.

Josh

On Sat, Dec 5, 2009 at 2:53 PM, Grant Dasher <grant.dasher at gmail.com> wrote:
> Why?
>
> On Sat, Dec 5, 2009 at 2:43 PM, Joshua Kroll <kroll at cs.princeton.edu> wrote:
>> (is evil)
>>
>> On Sat, Dec 5, 2009 at 2:26 PM, Brad Seiler <seiler at fas.harvard.edu> wrote:
>>> http://code.google.com/speed/public-dns/
>>>
>>> -- Brad
>>>
>>>
>>> On Sat, Dec 5, 2009 at 9:34 AM, Greg Brockman <brockman at hcs.harvard.edu>
>>> wrote:
>>>>
>>>> Ah, apparently one of the FAS nameservers (was|is) down.  Sounds like
>>>> people are on it.
>>>>
>>>> Greg
>>>>
>>>> On Sat, Dec 5, 2009 at 8:19 AM, Greg Brockman <brockman at hcs.harvard.edu>
>>>> wrote:
>>>> > I'm noticing that connections over the FAS network are taking a long
>>>> > time to establish, but over e.g. the HCS rack-local network are normal
>>>> > speed.  Once connections are established they seem speedy as usual.
>>>> > Is some FAS node down?
>>>> >
>>>> > Greg
>>>> >
>>>> _______________________________________________
>>>> hcs-discuss mailing list
>>>> hcs-discuss at lists.hcs.harvard.edu
>>>> http://lists.hcs.harvard.edu/mailman/listinfo/hcs-discuss
>>>
>

