If ever I’m asked how a general home network user can drastically improve their security posture, my first recommendation is “use Quad9 for DNS”. Quad9 runs a completely free global public recursive DNS resolver, that goes a huge way towards stopping malware and phishing attacks. By simply changing your default ISP provided resolvers to 22.214.171.124, you can dramatically improve things. There are very few true easy wins in internet security, but Quad 9 is one of them.
Quad9 is now, a Swiss public not-for-profit foundation, with the mission of improving security and maintaining privacy. Most unskilled in our art, don’t realize how critical and potentially vulnerable the whole Domain Name System is. You type a name in the browser and the resolver decides which actual server to send you to. Bad resolution, bad target, bad result, its as simple as that. Quad9 does an amazing job of actually doing something good and blocking the bad guys – for free!
This post highlights the crazy situation going on in Germany right now. In summary, Sony Music thinks its Quad9’s fault that bad guys are stealing their IP and pirating their media. Sony took out an interim injunction (310 O 99/21) at the Hamburg Regional Court to require Quad9 to implement network blocking on their behalf. The trouble is, this is just not how the system works AND it introduces a frightening precedent that if upheld, allows corporations to make DNS providers responsible for for just about everything bad that happens on the internet. It probably means the end of their awesome service and a step back to the dark ages for the rest of us.
Fortunately, most sane people that understand what’s going on here agree that Sony should just drop it. Quad9 already have the support of the GFF – the German-based Gesellschaft für Freiheitsrechte e.V. – a Germany specific version of the EFF – the Electronic Freedom Foundation that I’m a member of. BTW, if your not a member/supporter of GFF or EFF – go subscribe and get an awesome t-shirt.
The GFF is helping pay Quad9’s legal bills. “If non-profit IT security projects like Quad9 must bear the costs of combating copyright infringements, they can no longer offer their services in Germany in a way that covers their costs,” said GFF project coordinator Julia Reda. “As a result, everyone’s IT security suffers.”
“We view this case with Sony Music as a much bigger issue outside of Quad9’s mission to keep the Internet safe. This eventual final outcome of this ruling will set a precedent for European cybersecurity and policy,” said John Todd, Managing Director of Quad9. “This isn’t just about Quad9’s DNS recursive security capabilities; we believe it has a much broader application to a wide range of internet services, and service providers should understand the implications of either outcome of the case.”
More detailed information on the case and this issue is available on the Quad9 website at https://quad9.net/news/press/german-court-rules-against/. If you care about security and understand what services like Quad9 do, write to someone, post a blog, or go join the GFF/EFF and help them fight off a bad ruling with potentially hugely damaging implications.