With Domain Name Seizures Increasing, It's Time For A Decentralized DNS System

from the bye-bye-icann dept

We've already written about the latest legal loss for The Pirate Bay, as well as Homeland Security's new domain seizure campaign. With the former, the entertainment industry has already declared that it hopes this ruling will lead ISPs in various countries to start blocking The Pirate Bay entirely. It may also seek to use other tools -- like the pending COICA bill -- to see if it can seize the domain name. This presents all sorts of troubling questions concerning free speech and prior restraint. However, as is often the case when the law does a weak job trying to respond to a changing technological world, technology figures out a way to leap ahead.

Case in point, fresh off the legal loss, Peter Sunde, who has been focused on Flattr rather than The Pirate Bay, for quite some time anyway, has noted that he's working with some folks to set up a competing root server system that avoids ICANN. ICANN, of course, has been instrumental in helping Homeland Security with its domain seizures (and has apparently handed over Sunde's domain names to the recording industry in the past). The idea, apparently, is to set up a truly distributed and more secure DNS system that does not rely on a single party, like ICANN.

This certainly seems like a big challenge, and one that has a high likelihood of failure. But it does appear that we're seeing more and more problems with the way ICANN operates (though, it's been trouble since it first came into being). An alternative system, actually set up by folks who understand the technology could actually catch on, and could present a serious challenge for those who think they can censor the web in any manner -- whether for political or corporate purposes.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    paperbag (profile), Nov 30th, 2010 @ 3:57am

    I'd use it. If software like Firefox can achieve so much overtime, I'd say almost anything is possible. I bet Google would be on, as long as it wasn't called 'The Pirate DNS'

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 3:58am

    There has been rumblings about COICA having the potential to end up fragmenting the internet from some fairly heavy industry people for a long time now.
    With that in mind, making a decentralized system that cannot fall under one single countrys control seems to be the right cure.
    Then again, all ICANN had to do was to refuse to be a tool to be used by politicians and it would never have been a problem to start with.

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    lfroen (profile), Nov 30th, 2010 @ 4:24am

    Can't see how this is supposed to work

    You can't fix broken US law with technical workaround. If I own whateverdomain.com DNS will hold record about
    "whateverdomain.com my.ip.address". And this record is authoritative, i.e. there's only 1 (and only) place which determine IP address for whateverdomain.com.

    What does it mean "distributed" here? Not shadow of root DNS (because this already exists). Do you mean there will be 2 (or more) places determining where whateverdomain.com go? Like one will say "my.ip" and another one "riaa.ip"? And how client will know which one is true? Right, you have no idea.

    Broken law should be fixed by politics; corruption - by law enforcement (and politics).

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 4:35am

    Re: Can't see how this is supposed to work

    Easy, unless you specify wich DNS to use in your operating system you get the default DNS for your ISP, now if you specify a DNS that is not under political control - politicians cannot determine wich domains you should or should not have access to.
    Distributed means that it will not be in one single location, and thus will never fall under one single countrys influence.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 4:39am

    Your links bring me to the empty Twitter frontpage, I couldn't read the tweets :-(

     

    reply to this | link to this | view in thread ]

  6.  
    icon
    Lisae Boucher (profile), Nov 30th, 2010 @ 4:42am

    Who is shadowserver.org?

    I did some investigations and discovered that you can get a list of domains that were seized through RobTex: http://www.robtex.com/ip/74.208.15.160.html
    All these sites now seem to lead to 74-208-15-160.sinkhole.shadowserver.org and thus to shadowserver.org. Now I cannot help but wonder who or what this shadowserver.org organisation is. Who are they? Why are they apparently hosting this page? What is their part in this whole case?
    I also think they only seized domain names that were registered with an US registrar, not any foreign registrars.

    It is however an interesting list of sites to see. They all seem to be related to sites supporting copyright violations in some way...

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    The Mighty Buzzard (profile), Nov 30th, 2010 @ 4:47am

    Re: Re: Can't see how this is supposed to work

    The problem is, not falling under one country's control means falling under several countries' competing control. As a guy who's had to run corporate DNS servers, I really don't want the headache of having to shop around for the least bad root server only to find out that six months later half the civilized world has null routed it because it doesn't censor to their tastes.

    Yeah, ICANN needs to be replaced but whatever the solution is it does not need to be of a distributed nature. DNS needs to be authoritative even if you don't care for how the current authority does things.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 4:51am

    Re: Re: Re: Can't see how this is supposed to work

    Decentralized makes good sense for the sake of redundancy though. 4-5 servers with a voting system to prevent injection of erroneous data should one server be compromised.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Richard Kulawiec, Nov 30th, 2010 @ 5:11am

    There are multiple problems here

    ICANN's an obvious problem: it's become an example of regulatory capture, which is why its policies are designed to maximize registrar profits -- no matter what the damage to the Internet. (That's why we got several years of "domain tasting", even though everyone with the slightest clue knew that there is absolutely no legitimate use for such a thing.) This latest move is merely more ICANN pandering -- it has nothing to do with the merits of the case or the purported principles behind it.

    The US-centric control of DNS is another problem. It's been obvious for some time (and this latest example just reinforces this) that this control will be exerted with it's politically expedient.

    Allocation policies (especially now that we are approaching the exhaustion of IPv4 space) are yet another issue: it's far easier for spammers and other abusers to get a /16 than it is for legitimate operations. Network hijacking has become an epidemic problem and no effective response exists.

    Toss into the mix the problem of multiple roots (which has technical issues as well as political ones) and I think it'd just get worse. But frankly, it already has gotten worse, so perhaps it's just a matter of which swamp we'd like to wade through.

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Michael Lockyear (profile), Nov 30th, 2010 @ 5:16am

    .onion?

    AlterNIC? (defunct)
    http://en.wikipedia.org/wiki/AlterNIC

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    The Mighty Buzzard (profile), Nov 30th, 2010 @ 5:16am

    Re: Re: Re: Re: Can't see how this is supposed to work

    You assume China's, for example, .com server will take into account the votes of the other 4. It won't. Sites it doesn't like for political reasons will fail to resolve. Wikileaks will eventually fail to resolve in the US. It's not a matter of them getting compromised, they're going to start out, and stay, that way because they're legally required to wherever they're hosted.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Bengie, Nov 30th, 2010 @ 5:24am

    Freenet

    When they keep doing this, it's going to push more and more people to Freenet.

    Freenet has been in beta for a long time, but even back in 0.1, it was semi-usable. It consumes a decent amount more bandwidth than BT because of the way it's setup and you can't help but host parts of other people's files, but it's currently the only secure P2P client that won't get you sued by **AA and the government can't touch.

    Short of making Freenet illegal, it may take off with the way all these crackdowns have been happening.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 5:25am

    Re: Re: Re: Re: Re: Can't see how this is supposed to work

    Nothing stops an American surfer from specifying a Canadian or Mexican DNS (except maybe performance), that is how the people in China do it right now, proxies and external DNS servers to get an unfiltered internet.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Bengie, Nov 30th, 2010 @ 5:30am

    Re: Freenet

    Forgot to add, Freenet is legitimate. It has been getting supported by "Google's Summer of Code" for quite a while and Google has even made direct cash donations.

    I haven't used it in over 8 years now, but I would assume it's better than it use to be.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Twinkcentral, Nov 30th, 2010 @ 5:30am

    Stumbled across this yesterday while reading about the take downs.

    Was it really ICANN or was it Verisign?

    Either way I still think there should be an alternate DNS method.

    http://nenolod.net/did-icann-really-seize-torrent-finder-com-or-was-it-verisign/

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Richard Kulawiec, Nov 30th, 2010 @ 5:52am

    Re: Re: Re: Re: Re: Re: Can't see how this is supposed to work

    Nothing stops an American surfer from specifying a Canadian or Mexican DNS (except maybe performance),

    It's quite easy to block alternate DNS resolvers -- see for example the current flap between Verizon Wireless and OpenDNS. It's also nearly as easy to return bogus DNS results, given the (current) low adoption rate of DNSSEC.

    One of the inevitable (and positive) results of this little adventure, as well as the tactics of the MAFIAA, as well as the those of cockroaches like Phorm, is that encryption will become increasingly utilized. That alone is not enough to evade all the countermeasures -- since it doesn't address routing -- but it's a good start.

     

    reply to this | link to this | view in thread ]

  17.  
    icon
    Kingster (profile), Nov 30th, 2010 @ 5:58am

    P2P DNS has a blog now.

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    btr1701 (profile), Nov 30th, 2010 @ 6:00am

    Not a Problem

    They'll just outlaw anything they can't control.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 6:03am

    Re: Can't see how this is supposed to work

    Bitcoin may have solved that problem already.

    How does Bitcoin work?

    Bitcoin utilizes public/private key cryptography. A coin has its owner's public key on it. When a coin is transfered from user A to user B, A adds Bís public key to the coin and signs it with his own private key. Now B owns the coin and can transfer it further. To prevent A from transferring the already used coin to another user C, a public (but anonymous) list of all the previous transactions is collectively maintained by the network of Bitcoin nodes, and before each transaction the coinís unusedness will be checked.


    A DNS can be issued to somebody, the DNS system creates a key for it and check a distribute database that is maintained in the cloud only then it gives the domain to the person making the request if there is no one else requiring it.

    Squatters would be a problem though :)

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    NullOp, Nov 30th, 2010 @ 6:04am

    DNS

    The domain controlling group was originally composed of ex-government service people. That should say enough about why things go down the way they do. Once poisoned by government brainwashing....always poisoned by government brainwashing!

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Michial Thompson, Nov 30th, 2010 @ 6:04am

    What's new about this?

    Honestly what's new about this at all? I've been using my own DNS/Zone files for years to bypass iCANN't.

    I would be shocked if there aren't already a number of pirate/file share networks out there using the same process.

    For security purposes to help me protect some of my servers I setup my own DNS Servers with zone files for non-existant domains that allow me to have customers simply add my DNS Server on their machines, use their systems like normal for accessing everything. My DNS forwards their normal requests to them, and when they hit one of my non existing domains it sends them my zone file.

    As for making this distributed, still not too hard to do. MY DNS Server relies on my ISP's DNS Servers to get all domain information other than it's local Zone Files... Wouldn't be hard to configure a distributed DNS system that doesn't NEED iCANN't at all, just uses them for traditional stuff when needed.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 6:07am

    Sick of Homeland Security yet?

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 6:10am

    Re: Re: Re: Can't see how this is supposed to work

    DNS needs to be authoritative even if you don't care for how the current authority does things.


    Why?

    Most if not all the functions of an authoritative authority can be automated, why do we need people in the mix?

    Even next features can be added in a true democratic way, with a system that can vote things requiring super-majorities, like banning certain websites or restoring domains.

    Besides this would be a overlay and would function in parallel to the old system.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 6:11am

    Re: Who is shadowserver.org?

    A whois lookup reveals that shadowserver.org belongs to an organization called "The Shadowserver Foundation" based out of Westwood, NJ.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 6:19am

    Re: Freenet

    If only they coded that in C or even python but JAVA?

    That is why I don't use the others like oneswarm and I2P(Italian).

    But Netsukuku(Italian), Osiris Serverless Portal System(Italian) and GNUNet(Probably USA) are all good.

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 6:22am

    Re: Can't see how this is supposed to work

    Probably you want to see how Netsukuku, Osiris SP, TOR, Bitcoin solved that problem.

     

    reply to this | link to this | view in thread ]

  27.  
    icon
    Hephaestus (profile), Nov 30th, 2010 @ 6:40am

    hmmm .... what can I say ....

    Told you so :)

     

    reply to this | link to this | view in thread ]

  28.  
    icon
    Lachlan Hunt (profile), Nov 30th, 2010 @ 6:55am

    The domain that Sunde is referring to, which was handed over to the IFPI, was ifpi.org. Sunde had somehow obtained the domain after the IFPI had let it expire. The details of how he obtained it aren't clear, but he claimed it was given to him by someone else who snagged it after it expired. He had then set up a landing page on the site calling it the International Federation of Pirates Interests. ICANN then decided to seize the domain and return it to the IFPI.

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    Kevin Murphy, Nov 30th, 2010 @ 7:10am

    Errors.

    This piece creates a straw man using inaccurate information.

    1. "ICANN, of course, has been instrumental in helping Homeland Security with its domain seizures"

    Incorrect. VeriSign handed over the domains after receiving a court order. ICANN knew nothing about it.

    2. ICANN "apparently handed over Sunde's domain names to the recording industry".

    Incorrect. Sunde lost a UDRP case to the International Federation of the Phonographic Industry over the domain ifpi.com. The case was decided by the World Intellectual Property Organization, not ICANN.

    You can read the decision here. http://www.udrpsearch.com/wipo/d2007-1328

     

    reply to this | link to this | view in thread ]

  30.  
    icon
    Hephaestus (profile), Nov 30th, 2010 @ 7:24am

    Re: Not a Problem

    How do you outlaw something you can't control? The laws of physics? I mean the laws of physics trump the laws of man every time.

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    Urza9814, Nov 30th, 2010 @ 7:40am

    Re: Re: Freenet

    Freenet's developers also fucked up so bad that it's inspired a fork, called FCON. Been around for a few years now. The 0.7 net is _still_ damn near unusable, after they entirely dropped support for 0.5 close to 3 years ago now. In other words, for more than 3 years they were pushing software that was Alpha quality at best. It's still only now reaching Beta quality software...

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 8:18am

    "However, as is often the case when the law does a weak job trying to respond to a changing technological world, technology figures out a way to leap ahead. "

    While this is probably true, I don't see decentralized DNS as that strong step in the right direction. Governments can force ISP's to block IP addresses or to disconnect the servers from their ISP's.

    The closest next step that I could see would have to be something like creating a wireless internet. Wireless routing technology is improving and, if it weren't for FCC regulations, it can probably already reach distances sufficient (though slow and inefficient) to create a big decentralized P2P wireless net if enough people get routers (broadcasting signals can travel miles if you set directional antennas to the right frequencies with a decent amount of intensity). Sure, the technology is still somewhat expensive, but it'll come down in price even if it has to be sold via the black market. and people will pay for the technology, many people used to pay for those huge directional antennas that you put in your back yard, or place in a high location, and connect them to receivers to watch satellite T.V. stations from other countries (though, due to technological improvements, no one really uses those huge directional antennas anymore). Many of those directional antennas even had the ability to automatically change their own direction to point to the appropriate satellite that was broadcasting the station you were watching (they had a motor that could move it around). The ability to transmit signals for miles, even with obstacles in the way, is hardly an issue, corporations even know that a determined wardriver can pick up corporate WiFi from a good distance with the right equipment. If people want they can get a hold of the equipment necessary to transmit signals across long distances, even if expensive, buying huge directional antennas was done by many people in the past to receive signals from satellites.

    Of course, the biggest obstacle is to avoid getting detected by the government for breaking FCC laws. People might find ways around that too, if they can figure out ways to point directional antennas at each other and better focus the beam (like a laser pointer sorta) so that it doesn't give out much detectable ambient light to non intended targets. I don't really see a widescale wireless internet of such being undetectable by the government though, at least not with today's technology.

    Who knows what future advancements might be made within the next couple hundred years though. Maybe quantum non local communication. Technology has gone an incredibly far way within the last 20 years alone, and some new technology might come out that could negate all of the governments current efforts. But this decentralized DNS thing alone isn't it, at least not its use with currently existing Internet technology. We have to lose our dependency on centralized ISP's that are subject to government law before we can really avoid being blocked by any government mandates. and don't think encryption (like TOR) can save you, the government can simply decide (as they do in some countries) that no encrypted messages from unauthorized sources are allowable and that transceiving such messages is punishable by law. The solution is to route around the current information gatekeepers and we currently do not have the technology for that.

     

    reply to this | link to this | view in thread ]

  33.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 8:43am

    Reading the project homepage (http://dot-p2p.org/index.php?title=Main_Page) this seems a whole lot simpler than many of the specualtions in the comments make it out to be.
    It will basically be an application that updates an url list on your computer (think hosts or lmhosts) specifically for the new TLD .p2p.
    No mucking about with paralell DNS systems, just a new TLD outside of government control.

     

    reply to this | link to this | view in thread ]

  34.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 9:38am

    Re: Can't see how this is supposed to work

    Like one will say "my.ip" and another one "riaa.ip"? And how client will know which one is true? Right, you have no idea.

    People don't care, they want options. Some people want the ability to switch over to an alternative DNS to get the content they desire. While you may find it inconvenient, others easily work around.

     

    reply to this | link to this | view in thread ]

  35.  
    identicon
    Twinkcentral, Nov 30th, 2010 @ 11:17am

    Re: Can't see how this is supposed to work

    Here is another way to do alternate DNS.

    http://dns.telecomix.org/

     

    reply to this | link to this | view in thread ]

  36.  
    identicon
    Paul Keating, Nov 30th, 2010 @ 3:06pm

    The Shadowserver Foundation

    Domain Name:SHADOWSERVER.ORG
    Created On:29-Mar-2004 04:50:33 UTC
    Last Updated On:28-Jan-2010 08:51:47 UTC
    Expiration Date:29-Mar-2011 04:50:33 UTC
    Sponsoring Registrar:Network Solutions LLC (R63-LROR)
    Status:CLIENT TRANSFER PROHIBITED
    Registrant ID:40855724-NSI
    Registrant Name:The Shadowserver Foundation
    Registrant Organization:The Shadowserver Foundation
    Registrant Street1:700-76 Broadway
    Registrant Street2:Suite 236
    Registrant Street3:
    Registrant City:Westwood
    Registrant State/Province:NJ
    Registrant Postal Code:07675
    Registrant Country:US
    Registrant Phone:+1.9144106480
    Registrant Phone Ext.:
    Registrant FAX:
    Registrant FAX Ext.:
    Registrant Email:

     

    reply to this | link to this | view in thread ]

  37.  
    identicon
    Paul Keating, Nov 30th, 2010 @ 3:07pm

    SHADOWSERVER FOUNDATION

     

    reply to this | link to this | view in thread ]

  38.  
    identicon
    Anonymous Coward, Nov 30th, 2010 @ 9:32pm

    NOTICE: Access to .ORG WHOIS information is provided to assist persons in
    determining the contents of a domain name registration record in the Public Interest Registry
    registry database. The data in this record is provided by Public Interest Registry
    for informational purposes only, and Public Interest Registry does not guarantee its
    accuracy. This service is intended only for query-based access. You agree
    that you will use this data only for lawful purposes and that, under no
    circumstances will you use this data to: (a) allow, enable, or otherwise
    support the transmission by e-mail, telephone, or facsimile of mass
    unsolicited, commercial advertising or solicitations to entities other than
    the data recipient's own existing customers; or (b) enable high volume,
    automated, electronic processes that send queries or data to the systems of
    Registry Operator or any ICANN-Accredited Registrar, except as reasonably
    necessary to register domain names or modify existing registrations. All
    rights reserved. Public Interest Registry reserves the right to modify these terms at any
    time. By submitting this query, you agree to abide by this policy.

    Domain ID:D104165407-LROR
    Domain Name:SHADOWSERVER.ORG
    Created On:29-Mar-2004 04:50:33 UTC
    Last Updated On:28-Jan-2010 08:51:47 UTC
    Expiration Date:29-Mar-2011 04:50:33 UTC
    Sponsoring Registrar:Network Solutions LLC (R63-LROR)
    Status:CLIENT TRANSFER PROHIBITED
    Registrant ID:40855724-NSI
    Registrant Name:The Shadowserver Foundation
    Registrant Organization:The Shadowserver Foundation
    Registrant Street1:700-76 Broadway
    Registrant Street2:Suite 236
    Registrant Street3:
    Registrant City:Westwood
    Registrant State/Province:NJ
    Registrant Postal Code:07675
    Registrant Country:US
    Registrant Phone:+1.9144106480
    Registrant Phone Ext.:
    Registrant FAX:
    Registrant FAX Ext.:
    Registrant Email:
    Admin ID:40855725-NSI
    Admin Name:Shadowserver Foundation
    Admin Organization:The Shadowserver Foundation
    Admin Street1:700-76 Broadway - Suite 236
    Admin Street2:
    Admin Street3:
    Admin City:Westwood
    Admin State/Province:NJ
    Admin Postal Code:07675
    Admin Country:US
    Admin Phone:+1.9144106480
    Admin Phone Ext.:
    Admin FAX:
    Admin FAX Ext.:
    Admin Email:
    Tech ID:40855725-NSI
    Tech Name:Shadowserver Foundation
    Tech Organization:The Shadowserver Foundation
    Tech Street1:700-76 Broadway - Suite 236
    Tech Street2:
    Tech Street3:
    Tech City:Westwood
    Tech State/Province:NJ
    Tech Postal Code:07675
    Tech Country:US
    Tech Phone:+1.9144106480
    Tech Phone Ext.:
    Tech FAX:
    Tech FAX Ext.:
    Tech Email:
    Name Server:NS1.SHADOWSERVER.ORG
    Name Server:NS2.SHADOWSERVER.ORG
    Name Server:NS3.SHADOWSERVER.ORG
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    DNSSEC:Unsigned

     

    reply to this | link to this | view in thread ]

  39.  
    identicon
    darryl, Dec 1st, 2010 @ 5:12am

    The DNS system is allready decentralized.

    Thats right, there is no one single point or place where all the domain names are served up.

    I dont know about today, but about 10 years ago there was at least 10 DNS server farms, in different places around the globe.

    As well as that, you can create your very own DNS server, its very easy with a linux system, and probably with windows as well.

    You can make a PC on your network the DNS server, and that can speed up your web searching, especially with DNS caching enabled.

    There is nothing stopping you from building your own DNS server and placing it on the internet. If you have the bandwidth, and you can get people to set your IP as the DNS address for their web surfing..

    Could even be a techdirt server,

     

    reply to this | link to this | view in thread ]

  40.  
    identicon
    Anonymous Coward, Dec 1st, 2010 @ 5:34am

    Re: Re: Can't see how this is supposed to work

    If we use Bitcoin's solution for DNS then every web surfer will have to download 10 TB of DNS records just to get started.

     

    reply to this | link to this | view in thread ]

  41.  
    identicon
    Anonymous Coward, Dec 1st, 2010 @ 5:51am

    Re: The DNS system is allready decentralized.

    But it all depends on a root file controlled by ICANN. Indeed, the use of "decentralized" bothers me here too, especially since of the suggestions are simply to build a system that works the same way but trusts someone else with the root file.

    So DNS is already decentralized, yes, but ultimately it's centralized, in the same way torrents that require trackers are ultimately centralized

     

    reply to this | link to this | view in thread ]

  42.  
    identicon
    Anonymous Coward, Dec 1st, 2010 @ 7:09am

    The new DNS system would not compete with ICANN. All your DNS requests would still go to the good old goverment controlled DNS servers.

    ONLY if you try to access a site ending in ".P2P" would the program instead check a file on your own computer for the IP number of that address.

    That file is in turn kept up to date by being connected to a special bittorrent swarm coded for that specific purpose.

    At no point is there any conflict between P2PDNS and ICANN, other than castrating ICANNs ability to censor the web.

     

    reply to this | link to this | view in thread ]

  43.  
    icon
    btr1701 (profile), Dec 1st, 2010 @ 4:07pm

    Re: Re: Not a Problem

    > How do you outlaw something you can't control?

    It's like encryption. They can't control encryption, so eventually they'll just outlaw its use. It won't matter if they can break it or not. Just using it will be the crime.

     

    reply to this | link to this | view in thread ]

  44.  
    icon
    DASHWORLDS (profile), Dec 1st, 2010 @ 5:22pm

    Alternative DNS already here (DASHCOMs)

    Non-ICANN Domain names are already available at http://dashworlds.com

    New DASHCOM domains can now be registered totally free (Includes option to create your own TLDs)

    Examples of new domains:

    business-com

    travel-net

    happy-birthday

    thank-you

    (DASHCOM domains also offers ISP link in options)

     

    reply to this | link to this | view in thread ]

  45.  
    identicon
    Anonymous Coward, Dec 4th, 2010 @ 7:24pm

    Re: Re: Can't see how this is supposed to work

    That may sound like an easy solution, but it will turn into a complete mess. DNS without authority is not a DNS at all. To call it distributed DNS is almost a conflict in terms. DNS is based on hierarchical trust models that essentially form a backbone of functionality and trust on the web as we know it so far. Moreover, current web security models RELY on DNS to be the same wherever you go (sessions with cookies which are security boondoggles in themselves and are a part of another conversation). If there's no central point of trust, the system doesn't have a uniform behavior that everybody can rely on and anticipate. Who do you trust? What do you do if somebody else trusts somebody you don't? What do you do about namespace conflics (i.e, there are multiple IP addresses given for a particular domain from different sources).

    If you're worried about COICA fragmenting the web, just wait and see what will happen when everybody turns on a "distributed DNS" system.

     

    reply to this | link to this | view in thread ]

  46.  
    identicon
    GhettoNet, Dec 4th, 2010 @ 8:39pm

    A simple hack for now

    I just finished throwing this script together - it helps you manage, update and share entries in the hosts file. It's not a distributed DNS, but it's a simple work-around that others could build on...

     

    reply to this | link to this | view in thread ]

  47.  
    identicon
    GhettoNet, Dec 4th, 2010 @ 8:40pm

    Re: A simple hack for now

    I guess it may not be obvious, but the link, which is in "GhettoNet" above the post is https://github.com/ghettonet/GhettoNet

     

    reply to this | link to this | view in thread ]

  48.  
    identicon
    Fairy, Dec 4th, 2010 @ 9:42pm

    tinkle

    Your order of (1) one Male Adult Tinkerbell Costume is complete, please proceed to checkout.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This