On Oct 27, 2023, at 14:20, John Levine <johnl@iecc.com> wrote:
It appears that Bryan Fields <Bryan@bryanfields.net> said:
-=-=-=-=-=- -=-=-=-=-=- On 10/27/23 7:49 AM, John Levine wrote:
But for obvious good reasons, the vast majority of their customers don't
I'd argue that as a service provider deliberately messing with DNS is an obvious bad thing. They're there to deliver packets.
For a network feeding a data center, sure. For a network like Charter's which is feeding unsophisticated nontechnical users, they need all the messing they can get.
If you're one of the small minority of retail users that knows enough about the technology to pick your own resolver, go ahead. But it's a reasonable default to keep malware out of Grandma's iPad.
R's, John
If it’s such a reasonable default, why don’t any of the public resolvers (e.g. 1.1.1.1, 8.8.8.8, 9.9.9.9, etc.) do so? DNS isn’t the right place to attack this, IMHO. Owen