27 Oct
2023
27 Oct
'23
7:22 p.m.
* Owen DeLong [Sat 28 Oct 2023, 01:00 CEST]:
If it’s such a reasonable default, why don’t any of the public resolvers (e.g. 1.1.1.1, 8.8.8.8, 9.9.9.9, etc.) do so?
It's generally a service that's offered for money. Quad9 definitely offer it: https://www.quad9.net/service/threat-blocking
DNS isn’t the right place to attack this, IMHO.
Why not (apart from a purity argument), and where should it happen instead? As others pointed out, network operators have a vested interest in protecting their customers from becoming victims to malware. -- Niels.