[HN Gopher] Show HN: DN$ - an innovative, ad-supported DNS resolver
___________________________________________________________________
Show HN: DN$ - an innovative, ad-supported DNS resolver
Tired of companies snooping through your DNS traffic? Don't you
wish you could get advertisements with your DNS records? Today
we're introducing the innovative, privacy-focused, ad-supported DNS
resolver - DN$! Traditional DNS resolvers provided by your internet
service provider, cloudflare, or google could be tracking your
internet activity and selling it to third-party data vendors. We at
DN$ want to fix that and cut out these nefarious actors (until
we've amassed a critical number of users to exploit). In order to
support such a radically new business model, our service needs to
serve adverts because $INSERT_FAKE_REASONS. Open source and built
in rust - our software is secure and blazingly fast because it is
open source and built in rust. As a corporate entity, our
executives are not liable for prison time and will probably only be
fined small financial penalties for any serious crimes we commit.
However, we *promise* that we are NOT doing anything nefarious like
tracking and selling your user data and internet behavior. We will
also NOT be using the data (we are _not_ collecting : ) to train AI
models to make ourselves rich. Did we mention that it's built in
rust therefore it's safe and fast? Send your DNS queries to
`35.223.197.204` :) to try it out: ``` dig @35.223.197.204
hackernews.com ```
Author : nablags
Score : 195 points
Date : 2024-04-01 15:48 UTC (7 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| silisili wrote:
| Gotta admit, the title got my blood pressure going a little bit,
| until I clicked and read through. Really well done, and nice
| working demo!
| bevekspldnw wrote:
| Same!
| iamawacko wrote:
| Seems legit!
| PreInternet01 wrote:
| > DN$ only supports DNSSEC for customers in the ENTERPRISE tier
|
| OK, so how much do I pay you to change that message to "DNSSEC is
| pointless and you should feel bad for making this request"?
| nablags wrote:
| If you join our pre-pre-seed fundraising round, I'm sure we can
| work something out
| chuckadams wrote:
| Why change the message instead of adding another? Any smart
| company should be able to offer support contracts for pointless
| things.
| eddd-ddde wrote:
| Built in rust? This needs to be at the top of my resolv.conf
| immediately!
| rpigab wrote:
| You mean resolv.conf.ron? And why would you need anything else
| in that file, DN$ is all you need!
| 1oooqooq wrote:
| you mean etc/systemd/resolv.conf.d/new.conf
|
| get on with the times, gramps.
| binarysneaker wrote:
| Good one
| Semaphor wrote:
| Can recommend! I tried it, and it only took 11.423 seconds to
| resolve reddit.com!
| nablags wrote:
| this is likely user error, our resolver was programmed in Rust,
| therefore it's blazingly fast
| toomuchtodo wrote:
| Web scale.
| klyrs wrote:
| I died
| Mathnerd314 wrote:
| From the article link in the readme, this is a dig at Facebook.
| WorldMaker wrote:
| That specific bullet point was definitely a jab at Meta, but
| the whole thing is not just Meta.
|
| Ad-supported DNS is already a common problem of the major
| Consumer ISPs, which is part of the reason it is often
| suggested to own your own home router, and to use a DNS
| provider of your own choice in your router (depending on who
| you trust to not also eventually add ads to their DNS, often
| the choices are Google or Cloudflare or DIY things like
| PiHoles).
| nablags wrote:
| We take inspiration from several tech companies - current and
| bankrupt
| IX-103 wrote:
| ;; ADDITIONAL SECTION
|
| TXT "Meet hot, lonely DNS records in you area tonight"
| tgeorge wrote:
| ;; ADDITIONAL SECTION: news.ycombinator.com. 7200 IN TXT
| "CONSUME CONSUME CONSUME CONSUME CONSUME CONSUME CONSUME
| CONSUME CONSUME"
| StinkyTechBros wrote:
| Is this to be associated with "M$?" B/c there are still dorks
| writing things with a cash sign.
| medellin wrote:
| Little over the top. Sometimes subtle is better/more
| entertaining.
| bertman wrote:
| Nice :D
|
| The TXT ads:
| https://github.com/tedkim97/adcache/blob/main/src/adcache.rs...
| mtillman wrote:
| so good: "Meet hot, lonely DNS records in your area tonight"
| rpigab wrote:
| $ dig @35.223.197.204 hackernews.com < HTTP 402 error.
|
| Wierd, it shouldn't even use HTTP. Something's fishy.
| bombcar wrote:
| Your dig is dug. $ dig @35.223.197.204
| hackernews.com ; <<>> DiG 9.10.6 <<>>
| @35.223.197.204 hackernews.com ; (1 server found)
| ;; global options: +cmd ;; Got answer: ;;
| ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63493
| ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0,
| ADDITIONAL: 2 ;; OPT PSEUDOSECTION: ;
| EDNS: version: 0, flags:; udp: 65494 ;; QUESTION
| SECTION: ;hackernews.com. IN A ;;
| ANSWER SECTION: hackernews.com. 46 IN A 13.249.141.50
| hackernews.com. 46 IN A 13.249.141.113 hackernews.com.
| 46 IN A 13.249.141.98 hackernews.com. 46 IN A
| 13.249.141.39 ;; ADDITIONAL SECTION:
| hackernews.com. 7200 IN TXT "Need to launder some money?
| Invest in our cryptocurrency!"
| pierat wrote:
| Hah! LZMAO!
| estebarb wrote:
| But where is the serverless blockchain?
| yonatan8070 wrote:
| Great execution, one of my queries showed this, idk what it means
|
| ```dig @35.223.197.204 google.com ;; Warning: ID mismatch:
| expected ID 37255, got 53558```
|
| Great project, I found out about a course that'll help me make
| 100,000 USD a month!
| nablags wrote:
| An ID mismatch occurs when the ID on your DNS query differs
| from the ID on your DNS response. Queries & Responses should
| share the same ID - either this has been done intentionally or
| it's a sign that something is buggy with the resolver.
|
| This sounds like a serious, security vulnerability. We'll
| investigate it in 3-5 years
| yonatan8070 wrote:
| Given that the server is written in Rust, it is perfect and
| has no bugs. This must be a cosmic ray that hit a router on
| the way
| KomoD wrote:
| It's a feature!
| loa_in_ wrote:
| If it's written on rust then the spec is buggy
| RedShift1 wrote:
| Already saw a job posting requiring 5 years of experience with
| DN$.
| naikrovek wrote:
| I hate April Fool's day so much.
|
| No, this didn't trick me.
|
| Lying and pranking are both bad things to do, and they're bad on
| 1 April, too.
|
| If you find this kind of thing fun, we can't be friends and I
| will forever look down at you.
|
| It's my problem, I know, I just can't condone pranking or
| deception for any reason.
| bee_rider wrote:
| Harmless pranks are good. They are our way of vaccinating
| people against real lies.
| nottorp wrote:
| That... made my day. Brilliant from top to bottom.
|
| Hmm. I'm starting on a new project tomorrow. Perhaps I should
| mail the customer and tell them I decided to rewrite the whole
| project in Rust?
| nickburns wrote:
| this project needs to be stickied. can we do that around here?
|
| #intedwetrust
| proactivesvcs wrote:
| Here's me, a Uniformly Dopey Peasant. nmap -sV -p
| 53 35.223.197.204 Starting Nmap 7.94SVN ( https://nmap.org
| ) at 2024-04-01 20:16 BST Nmap scan report for
| 204.197.223.35.bc.googleusercontent.com (35.223.197.204)
| Host is up (0.11s latency). PORT STATE SERVICE
| VERSION 53/tcp open domain? 1 service unrecognized
| despite returning data. If you know the service/version, please
| submit the following fingerprint at https://nmap.org/cgi-
| bin/submit.cgi?new-service : SF-
| Port53-TCP:V=7.94SVN%I=7%D=4/1%Time=660B081A%P=x86_64-pc-linux-
| gnu%r(DN SF:SVersionBindReqTCP,4F,"\0M\0\x06\x81\x05\0\x01\
| 0\x01\0\0\0\0\x07version SF:\x04bind\0\0\x10\0\x03\xc0\x0c\
| 0\x10\0\x01\0\0\0d\0#\"TCP\x20is\x20for\ SF:x20enterprise\x
| 20clients\x20only")%r(DNSStatusRequestTCP,3D,"\0;\0\0\x9 SF
| :0\x05\0\0\0\x01\0\0\0\0\xc0\x0c\0\x10\0\x01\0\0\0d\0#\"TCP\x20is
| \x20for SF:\x20enterprise\x20clients\x20only");
| nablags wrote:
| Our company culture codifies that our free and enterprise
| customers are uniformly referred to as peasants.
|
| Enterprise customers are called "Top Customer Peasants"
| KomoD wrote:
| When are you going to implement the dark blockchain into this!?
| bevekspldnw wrote:
| FWIW, I've looked at Cloudflare pretty closely and I don't think
| they are monetizing - but given the potential rewards it's always
| going to be a "break glass in case of quarterly revenue dip" type
| situation.
|
| Google is...Google.
| KaiserPro wrote:
| I was using shitty wifi provided by the hotel for free, and was a
| bit mystified as to what the fuss was about. Turns out they were
| fucking with the replies, because of course they were.
|
| Trying again on a network thats well setup lets me actually see
| the proper replies.
___________________________________________________________________
(page generated 2024-04-01 23:01 UTC)