Bug#761658: Please do not default to using Google nameservers
Marco d'Itri
md at Linux.IT
Tue Apr 7 22:07:18 BST 2015
On Apr 07, Christoph Anton Mitterer <calestyo at scientia.net> wrote:
> Actually it's not, many networks block access to external resolvers
> since the "proper ones" are given via DHCP.
I do not believe this to be true.
> As it was pointed out here before, protocols like DHCP are the proper
> and reliable way to auto-configure the DNS resolvers.
I totally agree with this statement, and indeed systemd-resolved
defaults to use DHCP-provided resolvers if available.
> Starting from privacy issues / data leakage (if you google for the
> topic, it apparently seems to be even an open secret, that google
> collects the queries people make against their nameservers), mass
Let me point you to the helpful official page which shows that Google
does not store personally identifiable information:
https://developers.google.com/speed/public-dns/privacy .
This level of privacy is much better than the one provided by the
resolvers of many large ISPs.
> surveillance issues (since data goes at least to the US) or even worse
I have already explained to you that this is not true.
> for people in dictatorial regimes where using 8.8.8.8 may not be liked
> by some governmental forces.
Can you point to documented cases of people being troubled by oppressive
regimes for their choice of DNS resolvers?
> Could you please elaborate how you feel that the new fallback improves
> the quality, when like 99,99% of the systems are anyway already
> configured via DHCP or other ways and there never had been a need for a
> hidden hardcoded default.
It makes the other 0.01% (?) systems work.
> Could you elaborate on what you plan to do if Google should decide to
> terminate that service (will there then be an update for all
> stable/oldstable/etc?), which wouldn't be such a big surprise, given the
> number of other services they recently shut down?
Then they would not be worse than with no default configuration.
> Could you further elaborate on how this affects the systems of people in
> regions where access to the google name servers is blocked?
Then they would not be worse than with no default configuration.
> See above and previous mails from myself and other complainants, it's
> probably mostly the privacy and surveillance issues, especially since
These "privacy and surveillance issues" are substantially fictional.
--
ciao,
Marco
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 648 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20150407/a6c2d8d7/attachment-0002.sig>
More information about the Pkg-systemd-maintainers
mailing list