by CIO Staff

OpenDNS Touts Controversial Antiphishing Service

Jul 12, 2006

A San Francisco company hoping to combat phishing and botnet threats has found itself mired in controversy for using the Internet’s domain name system (DNS) to act as a filter.

OpenDNS launched on Monday and presents itself as a service along the lines of antiphishing toolbars, but with the difference that it operates at the DNS level. The service also aims to speed up Web and e-mail transfers and correct obvious spelling mistakes in Web addresses.

“The DNS has loads of room for improvement,” said founder and chief executive David Ulevitch in a company blog post announcing the launch.

The company plans to make money through advertising. When users type in an address that doesn’t exist and isn’t a known typo, they’ll see a list of search results related to the address, along with ads, Ulevitch said.

The approach is similar to that used by Verisign in its reviled Site Finder service, which shut down in 2003, shortly after launch. OpenDNS admits there are similarities, but said there really is no comparison, since Site Finder was imposed on Internet users.

“OpenDNS customers choose our service for its benefits and may choose not to use it at any time,” the company said in a FAQ. “VeriSign’s changes were forced upon the entire Internet by one organization violating its neutral position granted by the Department of Commerce.”

Indeed, OpenDNS’ first challenge will be getting people to use it. By default, most people use the DNS service offered by their ISP, and while specifying a different service isn’t difficult, it is a technical step that will be unfamiliar to most individual users. Companies can set up their networks to route all their users’ DNS requests through OpenDNS.

Ulevitch is hoping the lure of protection from the ever-increasing threat of phishing, spyware and other malicious code will convince users to make the switch. He first became aware of the way spammers, phishers and others were using the DNS as an attack vector while running a DNS provider called EveryDNS. While he was able to clean up EveryDNS, most other DNS providers aren’t as conscientious, Ulevitch said.

“Instead of relying on all the unknown DNS providers out there to clean up their act, we act like a crossing guard in front of your house,” he wrote. “We direct the good stuff towards you and send the bad stuff away.”

Like the security browser toolbars currently gaining popularity, the company maintains continuously updated lists of known phishing sites and displays a warning when a user tries to access one of them. The company claimed it can also disrupt botnets, networks of “zombie” computers.

Simple spelling mistakes will be corrected—for instance, sending craigslist.og to craigslist.org. Some industry observers noted that this feature could become controversial if it catches on, since it imposes a kind of censorship on the DNS.

“OpenDNS will have the power to censor domains or classes of domains. … A typosquatter somewhere surely will make that assertion,” wrote Mark Jeftovic, cofounder of easyDNS Technologies, in a post on CircleID, a community site focused on Internet infrastructure.

The feature could also create a conflict of interest, since typo corrections theoretically steer traffic away from the revenue-generating error page.

One obvious limitation could be geography. OpenDNS currently has servers on the United States’ east and west coasts, and is planning locations in Chicago and London. In other locations, requests may have to traverse the globe for a response, which could negate any speed boost provided by OpenDNS’ fast network and large cache.

-Matthew Broersma, Techworld.com (London)
