
Google DNS servers suffer brief traffic hijack - lelf
http://www.itnews.com.au/News/375278,google-dns-servers-suffer-brief-traffic-hijack.aspx
======
jfoster
A few days prior to this Google App Engine apps that were using custom domains
started redirecting to google.com for about 3 - 4 hours. (Google hasn't
acknowledged that publicly yet, but did set a security flag on one of the
issues on the appengine issue tracker)

[https://code.google.com/p/googleappengine/issues/detail?id=1...](https://code.google.com/p/googleappengine/issues/detail?id=10699)

Potentially related, perhaps?

------
th0br0
"internet performance metrics analyst firm Renesys" \- now that's a long
company type.

------
orvtech
Leaving politics and ideology aside, there are precedents to consider... back
in 2012 Malaysia had a similar situation but the outage was wider and more
pronounced.

A different precedent is the fact that phishing sites for social networks have
been found on Venezuela's government-operated ISP servers not that long a go
[http://orvtech.com/en/general/gobierno-venezolano-
elecciones...](http://orvtech.com/en/general/gobierno-venezolano-elecciones-
proxy-twitter/)

------
josteink
Why anyone would use a DNS server hosted by an ad & tracking-company on
another continent instead of just using the one provided to you by your ISP
one hop away is beyond me.

In what bizarro world is that supposed to improve performance, security or
_anything_?

~~~
acdha
See [https://developers.google.com/speed/public-
dns/](https://developers.google.com/speed/public-dns/) and in particular
[https://developers.google.com/speed/public-
dns/docs/performa...](https://developers.google.com/speed/public-
dns/docs/performance) and [https://developers.google.com/speed/public-
dns/faq#nxdomains](https://developers.google.com/speed/public-
dns/faq#nxdomains).

You might have an ISP where they have professional DNS admins, significant
failover and a massive deployment of local DNS caches in each neighborhood.
Unfortunately, many people have ISPs where they have two servers for an entire
timezone maintained by the owner's brother-in-law and, to the extent that they
think of DNS at all, it's only for questions like “Can we sell advertising on
NXDOMAIN replies?”

~~~
josteink
So basically, if we assume that everyone in the world except Google knows how
to run a DNS-server, using their DNS-servers makes sense. I agree.

But that's an absurd assumption, and I seriously disagree with it. And coming
from a part of the world where we actually have ISPs compete (I know!), I find
the premises plain laughable.

I'm not saying there aren't _ever_ a reason to use their DNS server, but I
fail to see why people would chose to recommend theirs as a _general_ rule (as
I've seen lots of places, reddits, etc) and how Google with a straight face
think they can claim it will make things "faster", or even worse, more
"secure".

Simply said: I call bullshit.

~~~
serf
I use it because every ISP i've used in North America hijacks shit and feeds
it through their own search portal, driving me nuts in the process.

I'd rather it get hijacked into a potentially useful Google query plus 8.8.8.8
is extremely easy to remember.

~~~
josteink
_I use it because every ISP i 've used in North America hijacks shit and feeds
it through their own search portal, driving me nuts in the process._

So basically the issue Google is trying to solve, is that in the US where the
telecom market is completely failed, there aren't any ISPs which has DNS
servers complying to the actual DNS spec or RFC 1035?

Why don't everyone just jump out and say so then? Why does Google and you guys
here talk about _everything else_ instead of that? That's by no means an
obvious thing to someone coming from the outside.

Does everyone here actually assume that all ISP's on the planet fail to
deliver proper DNS with their internet services? What sort of insane
assumption is that?

Threads like this is a nice reminder to myself (and maybe others, hint hint)
that the cultural gap on the internet is always bigger than you think, even in
"small" circles like this.

And everyone: Thanks for the highly enlightening downvotes for asking a IMO
very valid question. It's appreciated, informative and certainly constructive.

~~~
acdha
> So basically the issue Google is trying to solve, is that in the US where
> the telecom market is completely failed, there aren't any ISPs which has DNS
> servers complying to the actual DNS spec or RFC 1035?

I've personally experienced dodgy DNS in US, Europe, and Asia. It's not a
regional issue so much as a question of market failures: you don't buy a home
router based on the quality of its DNS implementation and businesses which
offer WiFi certainly don't, and many ISPs figure that NXDOMAIN hijaacking will
cost them only a vanishingly small percentage of customers, if any, and see it
as a net win.

If any of those apply to you, you have the choice of either going through a
frustrating, likely futile, attempt to get the network fixed or you add
8.8.8.8 / 8.8.4.4 to your DNS server list and never think about it again.

> And everyone: Thanks for the highly enlightening downvotes for asking a IMO
> very valid question. It's appreciated, informative and certainly
> constructive.

If you don't want to be down-voted, be less confrontational in your replies
and do your homework first. You might start by assuming that the people with
considerably more experience have good reasons for going to the trouble of
deploying a non-default option. A trivial search would show thousands of
complaints suggesting that your view of the world is too narrow.

------
bjerun
I'm using 8.8.8.8. Does this mean I might have a problem now (virus or
similar)?

~~~
MertsA
You wouldn't have been affected at all if you aren't in Brazil or Venezuela.

~~~
davb
That's not how I read it. It seems as though all traffic (globally) to those
net blocks was rerouted to Venezuela, for a brief period.

~~~
thejosh
The rerouting affected networks in that country and Brazil for 22 minutes,
BGPMon said.

