Is there such a thing as federated dns servers, self hosted or otherwise? I don't particularly care about piracy but I can see this dominoing into abortion, lgtq+ ect...ect...
As long as you’re not using DNSSEC, you can easily run your own. I’ve been running a PiHole for years now, it can pull in block lists and such from various sources, it’d be fairly easy to add a list to pull in automatically that include extra records. Those could be served from anywhere. Torrents, git repos, http calls, etc.
Note that with just pihole you would still be affected by this, since pihole needs an upstream dns server to get it's data from.
But if you set up pihole with unbound you will be OK, since unbound then will do the job of getting data from the root servers without another upstream dns.
While others suggested adding the DNS records manually the far more secure and easier in the long term solution is to run pihole with unbound. Going this route completely eliminates third party upstream DNS servers as unbound will query the top level domain for their authoritative name server and direct the IP address from the source. Pihole has a great explanation on their website. I like crosstalk solutions on setting it up as it's has everything you need just to copy paste your way into it working.
A PiHole functions has a full DNS server. You can configure it to serve any arbitrary records you like - which is basically how it overrides ad domains to prevent them from loading.
So, if you know the IP address that a particular domain is supposed to route to, you configure the PiHole to respond with that IP address for that domain. So, it doesn't matter that the major DNS servers return junk because your PiHole never asks them.
$80? I run mine on a Pi Zero that I got for $9 with a $6 wired network adapter for a grand total of $15. No problems for a household of five with one of us (me) being an extremely heavy user.
I used to do that, but it comes with the problem of your DNS going down any time you want to restart or do a hardware swap on your NAS. Or since it was running in docker something as simple as reloading docker would knock out the internet for a few minutes. It's worth the $15 to have them operate separately.
Doesn't that just move the problem to the $15 device? Or are you saying you reboot your NAS significantly more often than your RPi? I have a RetroPie setup that I reboot about as often as my NAS, which is when I remember to run updates.
I pretty much never reboot the Pi. It currently has over 18 months of uptime on it. My NAS on the other hand I probably restart for one reason or another maybe once every 6 months. So yeah I'd say I reboot it minimum 3x more often.
Plus a reboot takes much longer on my NAS than on the Pi. The server board is slow to start, the SAS cards are slow to start, and unRAID is slow to start. Then I need to manually enter the password for disk encryption. Then wait for the array to start up. Then wait a bit more for the docker containers to start. Add all of that up and even the absolute fastest reboot is like 10 minutes while the Pi probably takes 30 seconds.
And what if I want to swap hard drives? Now it's down for an hour. I guess I could wait until 3am to do all my upgrades so everyone is asleep, but I'd rather not. I suppose if it were just for myself it would matter a lot less. But again, it's only $15 to not have to think about it at all.
Interesting. Boot times aren't an issue at all for me on my NAS because it's running on an old desktop processor and has plenty of performance. Both boot in <30s, and I leave them both on 24/7.
I tend to upgrade all my servers around the same time (RPi, NAS, VPS), and my laptop and desktop get updates about every week or two. I don't like leaving systems unpatched, so I stay on top of it. I haven't needed to swap HDDs in the 6-ish years I've had my NAS configured, so I guess it's not an issue I've run into. I'd probably just schedule it when I do a router firmware update (I run a Mikrotik router), which I do every few months as well, since that way everyone expects a little downtime.
Definitely. Though I’ll add that I ran PiHole + PiVPN on a Zero W ($10) for years. I upgraded it to a Pi Zero W 2 ($15 with extra cores) but I found that it had terrible packet drops, so I had to add a $15 usb wired adapter to it. I can max my upload speeds over vpn and dns is super low latency.
And there is https://filterlists.com/ which is a searchable index of lists. If you use uBlockOrigin you can add lists directly from fliterlists.com otherwise it provides links to Github etc.
There's the completely decentralized ENS name system that would bypass this censorship entirely.
But unfortunately it's got the scarlet letters "NFT" hanging around its neck, and so good luck trying to discuss its actual merits or try to implement support for it anywhere.
NFT is scary because people don't know what it means. It is not supposed to be a means of selling jpegs; it is supposed to be a digital untamperable proof of ownership for various uses.
It's very tamperable. It lacks common safety features like 2FA. Hacks are common and stolen NFTs can not be recovered.
It doesn't provide any evidence of ownership, much less proof. Anyone can mint NFTs without providing any evidence of ownership or anything. There is no legal requirement that ownership of anything is transferred along with an NFT.
There isn't just one single way of coding an NFT, you're talking about an entire class of application here. You can indeed add all sorts of safety features if you want to.
Saying "anyone can mint NFTs" shows a misunderstanding of the specific application we're discussing here. Not just anyone can mint an ENS name, specifically, which is what we're talking about. ENS names are minted by the ENS contract, so they can be guaranteed unique. An ENS name isn't "representing" anything other than the information contained within it, so there are no legal issues whatsoever. If you own the ENS name NFT then that's all that you need to worry about, it has no other effect or implication other than that.
This is what I was talking about when I mentioned the "scarlet letters NFT". People have an enormous prejudice about the technology and leap to incorrect assumptions about its uses based on those prejudices.
It’s glorified receipts that are billed as far more secure than they actually are looking for a problem to solve. The entire usage is people treating it like a casino, just like cryptocurrency. I guarantee you “small” artists and such, the people that are always paraded around as the beneficiaries, are not using it in any appreciable number. Those that tried simply lost some money in the endless sea of “get rich quick” schemes they were sadly duped into participating in. Crypto bros just decided to target creatives, as if they need to be victimized more.
NFT’s are not helping people in any appreciable number. It’s just another relationship of people getting rich on the backs of a bunch of bag holders sold a false promise.
I am describing a usage that is explicitly not like that. A usage that has nothing to do with art. The concept of "NFT" is not somehow inextricably tied to spending ridiculous amounts of money on pictures of apes, it's a general technology.
This is a perfect illustration of the problem here. People are lamenting about difficult it is to come up with a truly decentralized method of owning domain names that can't be commandeered by authorities or big business, a system to do exactly that already exists, but it's based on a technology that people have such an extreme prejudice about that they'd rather downvote anyone who tries to explain it and go back to helplessly lamenting.
Then please show us some valid usages currently up and running solving actual problems at scale.
I am prejudiced because I was in the crypto space for years. I used to mine and more. So my prejudice comes from a place of experience and knowledge, not random headlines and memes.
What is the NFT component offering that I don’t get from the myriad of other excellent DNS services (many of which are FLOSS) that grant me reliable DNS over HTTPS/other privacy elements? What is the NFT part accomplishing that wasn’t being done prior?
Full decentralization and censorship resistance. In the case of DNS services there's still an organization of some kind that you're having to trust to not mismanage your registration. Both now in their current form and in any future form the organization may take.
ENS, on the other hand, is just a smart contract running on Ethereum. Its behaviour is programmed, not dependent on any human decision making. To censor it you'd need to block Ethereum as a whole.
How does your FLOSS software solve the Byzantine Generals problem? If two different people want to use the same domain name, how is it determined who gets it? These are the things that blockchains contribute a solution to.
It's not enough that the software that everything's running on is free/libre. Determining who gets a scarce resource (unique names) is the real difficulty here.
I had really hoped that the video game industry would use its royalty function to give developers a cut of the secondary market. It would naturally incentivize them to slow down their development cycle, and make games that stand the test of time. Selling games with this technology could have been a virtuous cycle of developers having a vested interest in their work beyond simply selling DLC.
Well, hominids made hand axes for countless aeons without ever really using them. I guess I shouldn't act too shocked.
No competent engineer would use NFTs for the purpose. It's inconvenient, slow and ridiculously expensive. No one uses the "technology" because it's rubbish.
Implementing such a feature is trivial. Steam has a marketplace. They don't let you sell used games because the developers don't want it.
I tried to use gnunet multiple times over the years. It always had wierd routing problems, the worst was their filesharing, it literally never worked. You cant find files that are definitely on the network, and if by some miracle you do find something, it fails to download it. 20 years of development and its an unfinished buggy mess. I hope they finally fix it sometime, cause its a really great idea, just executed horribly.
DNS is centralized in that there is a root zone that determines who is the canonical authority for each top level domain like .com or .world (and the registrar for each top level domain controls who controls each domain under them). But it's also decentralized in the sense that everyone who controls a domain can assign any subdomains below that, and that anyone can choose to override the name resolving with their own local DNS server (or even a hosts file saved on the device).
The court case here is trying to override the official domain ownership records at specific DNS providers. The problem is that the intermediaries are being ordered by the courts not to follow the central authority.
Federation wouldn't fit this model: we still want DNS to be canonical where everyone in the world agrees which domain resolves to which IP addresses.
DNS is to a degree, by design federated to begin with. What you need to participate is a recursive DNS server, like Unbound as some of your other replies have mentioned. You can run it on the same machine as something like Pihole if you’re already running that.