OpenDNS For A Week

In case you haven’t heard, OpenDNS (wikipedia) is a free DNS service designed to improve your surfing experience, or as their PR blur puts it:

…is a safer, faster, smarter and more reliable way to navigate the Internet.

I decided to try it out for a week, replacing my ISP’s default DNS servers. All-in-all I got just about what I expected.

Setup
The set up process was probably the most painful part of the experience, but that is more my router’s fault than anything else. For whatever reason my router – the usualy reliable linksys WTR54G – decided to crap out after I changed the DNS setting. I had to do hard reboot before I was good to go.

Faster?
I was a little skeptical about their claim to be faster. I mean, DNS is one of the most lightweight services one the internet, it’s not terribly slow to begin with. Plus my ISP’s DNS servers are only a few hops away, how could a centralized/internet wide service be faster. I don’t know how they do it, but I was pleasantly surprised! Noticed faster DNS resolution immediately!

Safer?
The safer claim refers to the massive blacklists OpenDNS taps into. They give you the ability to block phishing sites and various levels of adult content (from ‘tasteless’ to full on porn sites). I decided to turn on the lowest level of adult blocking (only porn sites) and leave the phishing blocking on. I don’t often find myself on sites these filters would block, I was basically testing for false positives. If the service is able to precisely block the content I ask it to, then it’s a good blocking service. I only came across one false positive over the past week, indietits.com a web comic featuring 2 tits. Since OpenDNS allows you to easily whitelist any domain this was only a minor inconvience. There’s no mechanism to report a false positive directly, so I’m assuming their system learns based on the whitelist data.

Smarter?
OpenDNS is supposedly smarter because it has the ability to fix misspelled domain names. At the end of the day this is a pretty useless feature. The problem is, OpenDNS only kicks in when a) the domain name is common enough that it can figure out the actual address youre trying to get to and b) the domain name you tried to access does not exist. Since almost all misspellings of common domains are taken by squatters you’ll barely ever stumble across a misspelling that isn’t attached to a server. I suppose this feature is designed for people who mangle the top level domain name, blah.cmo will never resolve and it does a good job of redirecting these to the proper TLD. But I always use firefox’s keyboard shortcuts to add the .com or .net. So again, I wasn’t really affected by this feature.

Geeking out.
The OpenDNS control panel has two features that are clearly designed to appeal to the nerds. One more useful than the other.
The control panel gives you the ability to create a “shortcut,” allowing you to assign a short name to any resolvable address. For example, you could link “wiki” to “wikipedia.org” or link something like “wsearch” to wikipedia’s search page.
The second less useful nerd feature are the stats. OpenDNS provides a wide range of charts and graphs about your DNS resolution history. These might actually be somewhat interesting if they weren’t in GMT.
Again, I didn’t find myself using either of these features very much.

What’s the catch?
“How do they make money?” you might ask. Well it’s pretty simple, whenever you stumble across a non-resolving domain, OpenDNS will present you with a (revenue generating) search application and related text ads. This is fairly non-obtrusive. The only thing I find kind of weird is that this is identical to verisign’s site-finder. When that launched in 2003 it caused such a shitstorm that they were only allowed to keep it online for 19 days! (read the wikipedia article linked above) I guess the main difference with OpenDNS is that it’s completely opt-in.

Conclusion
At the end of the day, it’s a pretty neat service. I’ll probably keep it configured, since it doesn’t really negatively affect my internet experience, and I do get a bit of a speed boost.
I can see the service being quite a bit more useful to someone who manages are small network, especially if they need to filter the internet.
For Personal use, it’s usefulness is a little more dubious.

After one week of use, I give OpenDNS a rating of : *shrug*

  • Ryan,

    Thanks for choosing OpenDNS. Great to read a considered review from someone savvy. I appreciate your positive comments AND your negative ones (always looking to learn). Quick notes responding to your points we need to improve upon follow…

    The typo correction feature is only intended to address TLD typos at this time. In the future, it’s possible we would offer typo correction of the domain itself (avoiding typosquatters), but (a) we haven’t determined the value and (b) this would likely be an opt-in feature.

    While the timezone offset isn’t available yet, I would think the stats in UTC are pretty valuable as is. Guess I’m surprised by your dismissal simply because of the time zone — but we know that’s desirable. We’re focused on making the stats faster, and then adding features such as this one.

    Regarding SiteFinder comparisons… I’d point you here: http://www.opendns.com/support/article/29

    Again, thanks for taking a look.

    John Roberts
    OpenDNS

  • Ryan,

    Thanks for choosing OpenDNS. Great to read a considered review from someone savvy. I appreciate your positive comments AND your negative ones (always looking to learn). Quick notes responding to your points we need to improve upon follow…

    The typo correction feature is only intended to address TLD typos at this time. In the future, it’s possible we would offer typo correction of the domain itself (avoiding typosquatters), but (a) we haven’t determined the value and (b) this would likely be an opt-in feature.

    While the timezone offset isn’t available yet, I would think the stats in UTC are pretty valuable as is. Guess I’m surprised by your dismissal simply because of the time zone — but we know that’s desirable. We’re focused on making the stats faster, and then adding features such as this one.

    Regarding SiteFinder comparisons… I’d point you here: http://www.opendns.com/support/article/29

    Again, thanks for taking a look.

    John Roberts
    OpenDNS

  • Hey wow, I wasn’t really expecting a reply from the OpenDNS team. Thanks for reading.

    Re: Typo correction, I guess I misunderstood this feature somewhat. Like I said, TLD correction isn’t much of an issue for me. But, I think it would be great if OpenDNS was able to maintain a blacklist of typo squatter (and even regular domain name squatter) domains. I would feel a lot better about supporting OpenDNS than some bum who’s trying to make a buck.

    Re: the stats, I find them of very little actual use to begin with. I mean, I can’t think of an instance where I’d ACTUALLY need to know how many domain names I’m resolving. It’s only something I am mildly curious about at most. The fact that the timezone offset is not adjustable makes it difficult for me to correlate the graphs to my actual network usage. On second glance, I think the reason this is difficult is because the graphs are organized by day; since I’m -6GMT, I have to mentally move all the days over by 1/4th…not exactly the easiest thing to do.
    Just out of curiosity, how do you guys at OpenDNS actually see this data being used. Are there any real world applications for it?

    Re: Site-Finder.
    I think we’ll have to agree to disagree on this point.
    In practice, the only difference between openDNS and site-finder is consumer choice. Now, I do think it’s important not to downplay consumer choice; and what verisign did was just pure evil (for the reasons mentioned in the link you posted). But fundamentally, the end-user experience is the nearly identical.

    That is, if openDNS ever gained a significant foothold in the marketplace, or if an ISP started using the service, it would essentially become an opt-out service. It would end up annoying and confusing just as many people as the site-finder service did.

  • Pingback: Hak5, what happened? - OHRYAN.CA()

  • Pingback: Google Chrome Bypasses OpenDNS (and How To Fix It) - OHRYAN.CA()

  • Hey wow, I wasn't really expecting a reply from the OpenDNS team. Thanks for reading.

    Re: Typo correction, I guess I misunderstood this feature somewhat. Like I said, TLD correction isn't much of an issue for me. But, I think it would be great if OpenDNS was able to maintain a blacklist of typo squatter (and even regular domain name squatter) domains. I would feel a lot better about supporting OpenDNS than some bum who's trying to make a buck.

    Re: the stats, I find them of very little actual use to begin with. I mean, I can't think of an instance where I'd ACTUALLY need to know how many domain names I'm resolving. It's only something I am mildly curious about at most. The fact that the timezone offset is not adjustable makes it difficult for me to correlate the graphs to my actual network usage. On second glance, I think the reason this is difficult is because the graphs are organized by day; since I'm -6GMT, I have to mentally move all the days over by 1/4th…not exactly the easiest thing to do.

    Just out of curiosity, how do you guys at OpenDNS actually see this data being used. Are there any real world applications for it?

    Re: Site-Finder.

    I think we'll have to agree to disagree on this point.

    In practice, the only difference between openDNS and site-finder is consumer choice. Now, I do think it's important not to downplay consumer choice; and what verisign did was just pure evil (for the reasons mentioned in the link you posted). But fundamentally, the end-user experience is the nearly identical.

    That is, if openDNS ever gained a significant foothold in the marketplace, or if an ISP started using the service, it would essentially become an opt-out service. It would end up annoying and confusing just as many people as the site-finder service did.