[tor-talk] TAILS uses one DNS server from OpenDNS **WARNING **

mick mbm at rlogin.net
Sun Oct 27 19:23:03 UTC 2013

On Sun, 27 Oct 2013 14:06:35 -0400
Ted Smith <tedks at riseup.net> allegedly wrote:
> OpenDNS authenticates by IP, so anyone using the exit node can change
> the OpenDNS settings if the exit node operator hasn't made an
> account. 
> The exit node operator can do all of those things, but anyone using
> Tor can do them with OpenDNS.

In my view OpenDNS should never be trusted for anything. They do not
correctly reply with NXDOMAIN to a query for a non-existent host or
domain. They have also in the past specifically hijacked queries aimed
at Google.

DNS servers should not play fast and loose with replies.


 Mick Morgan
 gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20131027/8dcee4c4/attachment.sig>

More information about the tor-talk mailing list