Name resolution

[夜神 岩男]

> >> yeah... I just can't be bothered to set up BIND. That's what things like
> >> Google Public DNS is for. :D
> >
> > No, the purpose of Google Public DNS is to give Google insight into
> > every network query you make. Your filterbubble is heavily influenced by
> > your history record in Google's DNS system if you have dodged the other
> > ways of tracking. This sort of profiling goes further than syndicate
> > cookies and trackers ever could -- and is a brilliant, if somewhat
> > seductively evil, idea; so long as it is being used on someone other
> > than me.
> >
> > http://dontbubble.us/
> >
> > Avoiding Google entirely has brought a great deal of standardization and
> > rationality back to my organization -- that we didn't realize was
> > beginning to get shaky until just recently. Such an insidious thing,
> > filtered and tracked search.
> 
> Do you have any proof that Google's using queries to its Public DNS
> service to profile anyone (in spite of its FAQ clarifying that it
> isn't)?

Requests for proof on the internet from a person who does not work for
Google -- an internet argument deconstructionist in his opening play.
Nice. (Reminds me demands issued in Usenet of the Apollo landings...)

The filter bubble issue is very real. If you and I do a search on Google
for any given string, logged in to a Google account of any sort or not,
we will receive different results. This is a fact.

DNS query history would be the single most potent addition to Google's
profiling tags (as in naked profiling, on subjects who are not logged in
to a Google service or accepting tracking cookies or other devices). To
think that Google would *not* use their DNS query data is absurd. Let us
remember that this company has already found no problem in blowing off
German court subpoenas to account for and explain their violations of
European privacy laws while collecting Wifi and associated personal
network data while collecting local map data. Fibbing about their
privacy standards, which is nothing new for them anyway, is a minor
social foul by comparison.

>From a technical perspective whether Google is actually using the data
actively right now to profile you or not is unprovable. That does not
mean it is not a major security risk now, and increasingly in the
future. Conversely, do you have a way of proving that they are not using
such data in such a way other than what they say? The evidence of result
filtering is highly evident. Are you going to simply trust their story
on it?

Security and power is all about capability, not intent. Intent can
change with the wind (and always eventually does). Consciously seeking
the creation of a position of leveragable power is never done for the
"common good" there being no such thing anyway. It does not matter if
the intent is to use DNS query histories right now or to use them in the
future -- the position is being formed for a very deliberate reason. And
even if not for a deliberate reason, if Google realizes later on down
the road the position they are in the game will suddenly change because
capacbility will force a shift in intent. This is strictly in line with
everything history has ever demonstrated.

There is simply no such thing as a free lunch and Google stands to gain
enormously over the long term by marking DNS query records, and
ultimately (if possible) by exerting de facto control over the DNS root.
Handing Google your DNS root is even less democratic a way of running
things than continuing along with the IANA circus -- at least there is
more than one entity with a stake to argue there (hence at least some
argument), with Google controlling your DNS queries you have eliminated
the chance that someone could be at odds with an abusive interest
present in the system.

If this needs further explaining to anyone on this list then no degree
of explaination will ever suffice.

-Iwao