Google Accelerates Internet With Public DNS ServiceGoogle Accelerates Internet With Public DNS Service

Opening up a potentially vast source of business intelligence, Google on Thursday introduced a public Domain Name Service (DNS) resolver, a service that allows Internet users to rely on Google rather than their ISP to take them to the Web sites they wish to visit.

DNS is the Internet's equivalent of a phone directory: It takes domain names, like example.com, and translates them into associated numerical IP addresses (192.0.32.10, in the case of example.com) to connect the client's Web browser to the Web server at that address.

Google Public DNS aims to provide improved security (in the form of resistance of cache poisoning attacks but not content blocking or filtering), better performance, and "more valid results," a reference to ISPs that filter content or use NXDOMAIN redirection to monetize mistyped domain names.

"The average Internet user ends up performing hundreds of DNS lookups each day, and some complex pages require multiple DNS lookups before they start loading," explained Google product manager Prem Ramaswami in a blog post. "This can slow down the browsing experience. Our research has shown that speed matters to Internet users, so over the past several months our engineers have been working to make improvements to our public DNS resolver to make users' Web-surfing experiences faster, safer and more reliable."

Google is aware that its involvement with a core Internet protocol may prompt concerns from those already worried about the company's power. Its product documentation stresses that Google Public DNS is not a top-level domain service like what Verisign provides, is not an authoritative host for other domains or authoritative name service, and is not a filter of any kind.

In a blog post, Lauren Weinstein, co-founder of PFIR - People For Internet Responsibility and founder of PRIVACY Forum, notes that Google has established a separate Privacy Policy for Google Public DNS that promises to delete temporary logs -- which, unlike permanent logs, contain IP addresses associated with DNS queries -- within 24 to 48 hours.

"Google has obviously recognized the sensitivity of this issue," said Weinstein. "Their separate privacy policy for the Google Public DNS strikes me as utterly reasonable, particularly given its very rapid (24-48 hours) deletion of what I would consider to be the key privacy-sensitive data."

Other experts on Internet protocols also suggest that Google's move on the whole appears to be a positive one, though they note that it is not without some potential pitfalls.

"I think overall, it's a good thing," said Cricket Liu, VP of architecture at network services company Infoblox, noting that Google Public DNS gives users with ISPs that perform NXDOMAIN redirection a way out, if they care enough to bother with reconfiguring their DNS settings.

Liu also says that most ISPs, as far as he was aware, do not publish a data retention policy for DNS queries. So in that respect, Google Public DNS could actually improve online privacy to some extent.

"All-in-all, this is probably a good thing, but like most good things there are some risks," said Karl Auerbach, CTO of at InterWorking Labs, an attorney, and former member of the board of directors of ICANN, in an e-mail. "I tend to find that the risks are of low probability."

In all likelihood, the technical hurdle of DNS re-configuration will limit adoption of Google Public DNS, at least until Google takes steps to automate the switchover process or until Google decides to make its DNS service the default DNS configuration in Chrome OS, due to be released next year.

But if Google Public DNS does become popular, Google will have access to very valuable information about Internet user's online activities.

"It's a given that Google is going to mine your query stream to figure out what you're looking up and they're going to do something with that data," said Liu. "They're going to use that data. They don't do this out of the goodness of their heart."

Auerbach suggests Google could generate a very efficient real-time feed of top queries by setting up a DNS server like Google Public DNS. This would allow Google to immediately track the performance of URLs in TV ads placed by advertising clients, for example, and to quickly adjust the ad campaign based on real-time feedback. He also suggests Google could use DNS queries to learn about the search keywords submitted to competing search engines like Microsoft's Bing.

Google Public DNS could improve Google Search or other Google services, Auerbach says, by giving the company access to the "dark Internet," Web pages not referenced by external links.

Furthermore, Google's pre-fetching of data from popular domains, Auerbach observes, will make those domains faster, a potential competitive edge for the more responsive sites.

Google has made "speed matters" something of a corporate mantra.

There's even the possibility that Google Public DNS could weaken the Internet Corporation of Assigned Names and Numbers (ICANN), the organization that oversees Internet administration.

"In another regard this announcement could lead to some intriguing changes in the dynamics of Internet governance and ICANN because, with a large user base, it gives Google the ability to deploy its own top level domains," he said. "Of course those would be visible only to the users of Google's DNS. But free premium Google provided content under any of those Google TLDs would certainly be a strong attractant for more users and start a snowball effect ultimately resulting in the obviation of ICANN. It is perhaps unlikely that Google would chose to do this, but there's nothing that prevents it."

information and Dr. Dobb's have published an in-depth report on how Web application development is moving to online platforms. Download the report here (registration required).