How do I use Google’s Public DNS Servers?
Context: What are DNS Servers? From Wikipedia (read it in full):
An often used analogy to explain the Domain Name System is that it serves as the "phone book" for the Internet by translating human-friendly computer hostnames into IP addresses. For example, www.example.com translates to 208.77.188.166.
In short, if you're on the Internet, you are already using some DNS server - most probably the one provided by your ISP. Some more technically inclined folks may also be using OpenDNS servers.
Google announced just today that they are providing publicly hosted DNS servers. The motivation? Speeding up the Internet. It's is not the only effort to do so - see their SPDY protocol. So what is Google trying to achieve with its DNS servers? From the horse's mouth:
- Speed: Resolver-side cache misses are one of the primary contributors to sluggish DNS responses. Clever caching techniques can help increase the speed of these responses. Google Public DNS implements prefetching: before the TTL on a record expires, we refresh the record continuously, asychronously and independently of user requests for a large number of popular domains. This allows Google Public DNS to serve many DNS requests in the round trip time it takes a packet to travel to our servers and back.
- Security: DNS is vulnerable to spoofing attacks that can poison the cache of a nameserver and can route all its users to a malicious website. Until new protocols like DNSSEC get widely adopted, resolvers need to take additional measures to keep their caches secure. Google Public DNS makes it more difficult for attackers to spoof valid responses by randomizing the case of query names and including additional data in its DNS messages.
- Validity: Google Public DNS complies with the DNS standards and gives the user the exact response his or her computer expects without performing any blocking, filtering, or redirection that may hamper a user's browsing experience.
Out of the 3 things promised, I find validity interesting. Why? Because by controlling DNS servers, Google has the power to block, filter and redirect Internet traffic, but they promise not to do so. This is a big concern because the big G could've chosen the more 'cunning' way of redirecting unresolved hostnames to its search engine (redirection) or choose to filter out their competitors' traffic. I'm hoping Google is above such dirty tactics of course, they don't need to do so anyway.
Interested yet? See the guide on how to use Google's Public DNS.
Closure Tool – Javascript Compiler, Library and Templates
Google is doing its thing again, this time at the Javascript front. Google is pretty heavy on Javascript, all of the major Google web applications uses Javascript - think GMail, Maps, Docs and Sites. Closure it seems is the result of talented engineers that needs to use something, realizes there are no standards, and set off to solve these issues (regular engineers would of course just sit back and bitch about the lack of standards).
CodeAndroid MY
This is a shout out to anyone interested in for the Android platform in Malaysia. Be part of CodeAndroidMY! Though we're new and young, there are interesting things going on. The first meeting was a bird-of-feathers at FOSSMY held recently. The meeting itself was cool, with freebies from various sponsors (hit the link to find out) but the best thing was the actual turn out. Anyway, hit the link and find out more about CodeAndroid.MY.
Some more links:
Blog: http://codeandroid.my
Facebook: http://www.facebook.com/group.php?gid=133530318700
Twitter: http://twitter.com/CodeAndroidMY
Google Group: http://groups.google.com/group/codeandroid-malaysia/
HTC To Offer Sense Upgrade to HTC Magic
HTC Magic users in Taiwan will get the update for free, which means the rest of the Magic users will have to wait, oh, what, couple of days before getting their hands on this thing. No, really, when you consider how fast things are going on in the home-brew ROM world of Android, a couple of days is all you need to wait. Of course, HTC said that Sense is not coming to any 'with Google' devices. Don't know why but there's at least one good reason - HTC Magic is of higher spec - they have 288MB of RAM. Even on plain vanilla Android, 191MB (or 90MB usable) is really really paltry. It's bearable, but let's just say if I could buy a couple of sticks of RAM and upgrade the thing, I would have.
Still, some have got Sense working on a G1 with hacking Linux swp into it to compensate for lack of RAM so the same thing could be done for the 'with Google' HTC Magics (e.g. the myTouch 3g).
Source:HTC to offer Sense upgrade for Magic in October, might be free?
VMWare Acquires SpringSource
The company behind my favourite enterprise Java framework has just been acquired. Apparently the main reason for this is because Spring technologies has potential to contribute to VMWare's vision of Platfrom-as-a-Service (PaaS). SpringSource has grown beyond just the Spring Framework - they offer mutliple server solutions, lead in OSGI implementations and even provide a monitoring solution. Maybe Spring is the underlying software solution, but I can be pretty sure VMWare couldn't care less about that. What they do care is how SpringSource's solutions are able to make things just work and quite effortlessly.
The standard fare of reinforcing SpringSource's commitment to open-source is there as well, so at least they're trying to say the open-source community is still within their radar. But I'll take this with a grain of salt and see how thing goes. It's been months since the Oracle-Sun acquisition and we've yet to see the fallout.
Read more: SpringSource: Chapter Two | SpringSource Team Blog
‘Fixing’ WPA Hack
ArsTechnica has a write-up on the recent WPA exploit that's been going on. It seems that a mathematical breakthrough has allowed the TKIP portion of WPA to be broken in less than 15 minutes. This is coming from Erik Tews, a guy that proved WEP to be practically useless so far as securing your 802.11x networks. This potentially allows DNS poisoning or spoofing, a dangerous and advanced form of phishing. The article is a little bit hard to digest, but ultimately the fix is not to use TKIP in your WPA(2) network, only AES encryption.
Read more - Battered, but not broken: understanding the WPA crack