OpenDNS Introduces Shortcuts

David Ulevitch, founder and CEO of OpenDNS, sent me an email yesterday letting me know about a new feature from OpenDNS. It’s called Shortcuts and looks really sweet. Shortcuts are very simple, similar to bookmarks in your browser. Here’s how OpenDNS describes shortcuts:

You type something short and easy to remember into your address bar and you leap straight to where you want to go. There’s nothing to install and it works how you want it to, no matter which browser you’re using. Add, remove or change your OpenDNS shortcuts at any time.


Instead of going into any more detail about OpenDNS shortcuts, I’m gonna direct you over to Paul Stamatiou. Paul already has a great post with some screenshots and examples of shortcuts, go check it out.

PhishTank Is Here

PhishTank launched today. PhishTank is a site designed to make keeping tabs on phishing sites easier. If you come across a phishing site while browsing the web, you’re encouraged to submit the URL to PhishTank.

PhishTank is a collaborative clearing house for data and information about phishing on the Internet. Also, PhishTank provides an open API for developers and researchers to integrate anti-phishing data into their applications at no charge.

PhishTank is operated by OpenDNS. OpenDNS opened their services to the public earlier this year to much fanfare. David Ulevitch and crew have done an amazing job with OpenDNS, I expect the same from PhishTank.

PhishTank does not provide protection against phishing sites, they simple store phishing related data. OpenDNS does protect against phishing though. OpenDNS and PhishTank go hand in hand. OpenDNS blocks access to phishing sites that are in the PhishTank database. Here’s a little piece from the OpenDNS FAQ about reporting phishing sites:

The fight against phishing isn’t just for the banks and big companies to tackle; you can help. Right now, we encourage submission of possible phishing sites via our contact form. Nothing will be blocked unless it’s verified.

Later this summer, we will introduce PhishTank.com, a free community site, with API, which will serve as a collaborative clearing house for data and information about phishing and malware on the Internet.


PhishTank will no doubt prove to be a valuable resource for the internet security community. Now, users of OpenDNS can basically control what sites are deemed “phishing” sites by making use of PhishTank. This was one of the main gripes people had with OpenDNS initially. There was no method to show what sites were flagged as phishing sites. Let there be transparency!

OpenDNS System Status

It looks like OpenDNS is about to launch a “System Status” section of their website. Check out http://system.opendns.com/. I don’t know if this page is supposed to be live to the public yet, but what the hell.

Once you navigate to that page, you’ll see a status summary of the OpenDNS network. It looks like there’s gonna be a “mini blog” type of thing there too, probably mostly for making updates about outages or other problems. The “Testing” link you see in the image below is what leads me to believe there’s gonna be a separate “status” blog on that page.
OpenDNS_SystemStatus
There’s also a newer post at the OpenDNS blog about how they learn about phishing sites. I think they made that post in part due to one of my earlier posts on OpenDNS. 🙂

And boy how I wish I lived in San Francisco (well, not really). OpenDNS is currently looking for a Debian system administrator. Personally though, I’ve touched Debian once or twice. I can’t imagine leaving my beloved Slackware.

Oh, and I found the system.opendns.com site via my WordPress dashboard. system.opendns.com was listed as an incoming link from Technorati.

OpenDNS Preferences Are Live

I just noticed the OpenDNS preferences page is up and running. It’s pretty basic, but now you can enable or disable typo correction and phishing protection. The configuration is done based on IP address, so if you don’t have a static or persistent IP address, you might be out of luck. I don’t have a static IP at home, but I’ve managed to keep the same one for a little over a year now.

Here’s a screenshot of the preferences page:
OpenDNSPrefsSmall

Obviously, there’s not much there at this time. But look at the little information box in the top right. It mentions they’ll be adding more preferences there over time. It looks like they plan to have user accounts soon too, so you can manage preferences not based solely on your IP. Fun fun!

UPDATE: In my last post on OpenDNS, I mentioned I was having trouble getting to http://www.tehserver.us/. The problem seemed to resolve itself, when I was suddenly able to hit tehserver.us with no problem. However, come Monday morning, I’m unable to load tehserver.us again. Even when I type http://www.tehserver.us/Home, the direct link to the homepage, I get the OpenDNS search page. OpenDNS search successfully finds the site, but when I click on the search result, I’m taken back to the OpenDNS search page instead of being taken to tehserver.us. The really odd thing is that I can reach tehserver.us with no problem from home. Not so from work though. I’d think a traceroute to tehserver.us would be nearly identical from my house and from the office, since the two are about 3 city blocks away from each other.

OpenDNS Speed

Wikipedia defines Adware as “Adware or advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used.”

This guy makes some good points, the OpenDNS as Adware idea not being one of them though. He’s had some issues with the typo fix feature of OpenDNS and the OpenDNS search page coming up when it shouldn’t.

So what happens when it doesn’t know the IP address you ask? Well sometimes it returns no answers

[email protected] ~ $ dig verizonn.com @208.67.222.222

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

And sometimes it gives you back their server. (asdverizon.com. 1 IN A 208.67.219.40) any request to 208.67.219.40 results in a search the attempted url being ran through their systems. If im not misunderstood, they make their money off of adds displayed at this time… therefore, the more they don’t catch, the more money they make on advertising? Ok so I guess for their software it “Pays to be stupid”

Simply because an application doesn’t provided the expected results doesn’t mean it’s adware. OpenDNS seems like the kind of company who is out to stop adware and other sorts of internet baddies. That post is worth a read, it does a nice job of bringing to light some problems in OpenDNS. And, I don’t think the guy was actively trying to take the “OpenDNS is Adware” stand, he did file that post under “Talking Shit” after all. heh.

Another interesting OpenDNS related post comes from Thomas Ptacek. Thomas has noticed OpenDNS actually takes longer to resolve some domains than, say, your ISP’s DNS servers.

74ms longer via OpenDNS. How much of that is network latency? You could turn off recursion, but OpenDNS doesn’t support it, so instead query for OpenDNS’s own names:

nsping -z opendns.com 208.67.222.222
+ [ 22 ] 55 bytes from 208.67.222.222: 261.771 ms [ 192.468 san-avg ]

41ms. Weak evidence that it takes OpenDNS 33ms longer to look up random names at Google on my DSL connection? Note also that all the OpenDNS queries “succeed”, because OpenDNS sends you to a landing page for typos.

Some pretty interesting comments going on at that post too. David Ulevitch and Thomas might end up getting together to do some testing on DNS caches and overall performance. David made a comment in my previous post on OpenDNS in which he explains some of the new features they’re working on:

I agree 100% about us needing to be more transparent. The three biggest things we are working on right now are:
1) Getting account preferences up and running so people can just enable and disable the various features they are working on.
2) Providing a much clearer understanding of where our phishing data comes from and what happens if we make a mistake
3) Bringing up our London datacenter and adding in a bunch of peering and other network connectivity to our existing sites.

I’ve really only witnessed one problem with OpenDNS. This is a prime example, try navigating to http://www.tehserver.us/. It takes you to the OpenDNS search page, right? Well, the first link displayed on the search page is really where I want to go. So, I click the first link and I’m taken right back to the OpenDNS search page I was just on. So, there’s apparently no way for me to get to www.tehserver.us using OpenDNS. Granted, tehserver.us isn’t totally legitimate, it’s definitely not breaking any sort of laws. Perhaps the spellcheck is getting confused. The domain is tehserver.us, not theserver.us.

I’ve been using OpenDNS for about 5 days now. I am going to do some testing tonight at home to see if OpenDNS actually serves up info quicker than my ISP’s DNS servers. I will post the results and how I went about testing. That is, provided I have power at home, there’s been some awesome storms rolling through the last couple days. A welcome event for the farmers around here though.

UPDATE:
I can get to tehserver.us with no problem now, I never even see the OpenDNS search page. David mentioned he’s opened a bug in bugzilla for the developers to check out. He also mentioned this post on OpenDNS by Greg Keene. Greg takes a look at OpenDNS and fears even one security breach could make OpenDNS disappear:

My concerns? The obvious, security and security. Will temptation to generate advertising overcome their ‘do good’ nature? We’ll have to see. A huge, obvious hole is their own security. If they get hacked, then their users are effectively exposed — don’t underestimate this. I’d like to get more people using them so we can really find how good they are. My thought is that one security breach could kill these guys, even an exposed exploit would be a very bad thing.

Give it a try and let me know what you think.