Last week I had the privilege of being in Washington DC to talk to a number of distinguished members of Congress along with top leadership from The Whitehouse to urge them to reject two pieces of legislation which would be detrimental to the Internet and to the United States economy.  

The two bills (Stop Online Piracy Act in the House of Representatives and Protect IP Act in the Senate) have a noble goal, reducing online piracy.  Unfortunately, these bills come at a terrible price – they will force the creation of a “great firewall of America” used to censor websites that are hosted outside of the US and they will burden Internet companies with liability and litigation that will force new jobs and businesses to be created overseas.

Below is a copy of letter I am sending to Congress today.  Please feel free to share widely and comment below.

Here’s a link to the non-flash embedded version: http://db.tt/GMGdcCLp

OpenDNS CEO Letter to Congress regarding SOPA / PIPA –

Today we announced that Shea Homes, the largest privately-held homebuilder in the U.S. has deployed and is experiencing great success with OpenDNS Enterprise. J.F. Shea Co., its parent company, is also using OpenDNS Enterprise. For us, its hugely exciting that the company America trusts to build our homes and engineering marvels has trusted OpenDNS Enterprise with the task of protecting its networks and employees from malware and unsafe content.

It’s no easy task to be one of the nation’s largest and most respected homebuilders and civil contractors. Aside from a strong commitment to excellence and customer satisfaction, and building global landmarks like the Golden Gate Bridge and Hoover Dam, it also means a constant and significant amount of corporate growth. For Shea Homes and parent company J.F. Shea Co, keeping up with that rapid growth meant purchasing, deploying and managing new malware protection and content filtering appliances for its various networks every time a new office was added, or more bandwidth was needed. The company and its subsidiary were stuck in an ugly cycle of appliance management, a story that’s all too familiar for many rapidly growing organizations. But escaping the cycle was not only easy, it resulted in significant savings of both time and resources.

The J.F. Shea Co. and its divisions were early adopters of cloud-based services like OpenDNS Enterprise because the move let the companies free up significant IT budget and time, and downsize datacenters across their distributed locations. This was especially significant during the economic downturn that left the building industry particularly hard hit. Notably, J.F. Shea Co.’s cloud-based evolution was rooted in the transition to OpenDNS Enterprise. Shea Homes soon followed by adopting OpenDNS Enterprise for all of its North Carolina locations. The organizations not only leverage OpenDNS Enterprise for its unique ability to block malware and botnets at the DNS level, but also for the added protection the organizations receive by filtering malicious sites that are frequently the sources of such malware.

Using OpenDNS Enterprise afforded J.F. Shea Co. a savings of more than $25,000 and gave Shea Homes the ability to downsize its datacenters and let its IT team focus more closely on proactive maintenance. We’re excited to say that OpenDNS Enterprise does this each day for companies large and small. And we love spreading those stories, helping other SysAdmins around the world learn how OpenDNS Enterprise can do the same for them. If you have questions about OpenDNS Enterprise, or want to learn how it can help your business stay safe from malware or inappropriate content, join our webinar next Wednesday, Oct. 26.

If you’re using OpenDNS at work and want to share your success story, email Success@OpenDNS.com.

Editor’s note: EDUCAUSE, an organization that helps advance higher education by promoting the intelligent use of Information Technology, hosts its annual conference this week. And we’re celebrating by introducing you to one of the many bright students studying Information Technology, Richard Wang. Richard is finishing his senior year studying Computer Science at Cal State Long Beach, and shares some insight on transitioning into life after college.

OpenDNS: Did you always know you wanted to work with computers?
RW: No, as a matter of fact, I originally wanted to be in theater. It was after I was infected by my first malware that I wanted to learn more about computers and work with them. No one wants malware on their machine — that’s why we use OpenDNS – but If it wasn’t for that malware, I would probably be on stage somewhere pretending to be someone’s grandma.

OpenDNS: How are you using OpenDNS today?
RW: I discovered OpenDNS when I read an article where Dan Kaminsky was discussing a security vulnerability targeting DNS servers. When I learned that OpeNDNS was the only DNS provider not affected by the vulnerability, I set it up right away. I love OpenDNS for the faster Internet, typo correction and phishing protection. But, I also have a younger brother and cousin who bring their friends over, and those friends bring their laptops as well. I provisioned OpenDNS at the router so any device that comes onto my network still adheres to the standards I set. Thanks to OpenDNS, I have not gotten in trouble with anyone’s parents.

OpenDNS: You’re interning at a pretty neat company. How does your real world experience differ from the classroom?
RW: The pressure and stress is definitely greater. If I mess up on a school project it means a failing grade. But, if I mess up on a real-world security project, the consequences could be much more severe. One of the most interesting adjustments is that that outside the classroom the development process is much more dynamic. There are always numerous tests, designs, revisions, approvals and implementation phases to go through. But, just knowing that real customers will use my work makes me proud. Oh and the fact that I get to use Linux a lot more at work than at school is awesome!

OpenDNS: You’re nearly finished with school. With technology changing so fast how will you keep your education up to date?
RW: I try to read as many blogs and forums as possible. There are so many smart people out there who learn something about an appliance, software or service just by playing around with it! The OpenDNS blog is one of my favorites, since it explores real issues related to Web security. YouTube is a great resource, too. I like watching Google Tech Talks when I have time to spare.

OpenDNS: It’s said that if you do what you love it’ll never feel like work. What are your plans for when you’re done with school?
RW: After I am done with school, I want to do system administration or software development. I do not mind either one as long as I get to play around with Linux at work — playing with Linux at home is not enough to satisfy me.

Confusion reigns over a new partnership between the UK government and the region’s largest ISPs. What we know is that Sky, British Telecom, TalkTalk and Virgin have teamed with Prime Minister David Cameron to make it easier for parents to block pornography.

What we don’t know is whether filtering of pornographic websites will be on by default, with the option to be disabled, or off by default, with the option to be turned on. We also don’t know how, technically, the filtering will be executed. And related, how difficult it is to bypass. We don’t even know how “pornographic” will be defined.

Even without knowing any of that, I can say with relative certainty that this is an idea that won’t work and shouldn’t be done. More on that in a moment, but first, a comment on how some people use OpenDNS.

Something we don’t talk about often is the dual nature of OpenDNS’s benefit to our 30 million-plus customers around the world. While a good portion of those folks use OpenDNS to filter content and keep their kids safe online, many people in countries like Algeria, Egypt and Turkey use OpenDNS for an entirely different and even opposite reason. Those countries happen to be three of the top government-imposed Internet-censoring countries in the world and our customers who live there are often able to use our service to access the wide-open Internet. It allows them to quickly and easily bypass government-imposed filters that are done through the DNS. We fully support that and believe that people should control their own means of accessing the Internet.

Back to this UK porn filtering idea. We believe filtering should happen at the edge. The edge means the “last mile” where your home or computer connects to the Internet, or where your office connects to the Internet. Doing filtering at the ISP level is what I would describe as “the core.” We don’t think ISPs or Government should mandate what you can and cannot access, nor should they modify or censor packets that leave your network. We’re thrilled to be the choice of millions of people who want to block malware, botnets, and sometimes even pornography on their network, but we would never want usage of OpenDNS to be mandated by the Government. We prefer when our customers choose us and when our customers set us up themselves.

OpenDNS has become part of the discussion in the UK today because many have pointed out that we do what Cameron is trying to do with the new filter. There are important differences though. It’s true, OpenDNS can be enabled today in every household in the UK with children, empowering parents to block what they deem unsafe or inappropriate for their family. But OpenDNS can be configured differently for each household, as opposed to a blanket filter, which it appears is what is being proposed by the UK government.

Our stance here is simple: We think parents should have the tools to keep their kids safe. For some parents that means having access to content filtering tools, but for other parents it just means a conversation with their kids. That’s a choice best left to parents, and we don’t think that any form of government intervention is appropriate here.

Editor’s note: October is National Cybersecurity Awareness Month here in the U.S. so we’re catching up with Thomas Mitchell, a Managed Service Provider who deploys OpenDNS Enterprise on nearly all the networks he manages, for a few tips on improving Web security and avoiding costly IT disasters.

OpenDNS: You work as an OpenDNS ambassador of sorts, recommending and installing it for your customers. Why did you choose OpenDNS over competitors?
TM: I discovered OpenDNS because I was looking for a way to keep my family safe online. After further exploring OpenDNS business solutions, I realized it was ideal for many of my clients. Appliance-based systems are costly to set up and maintain. We had experimented with proxy-based web filtering, but that brought other issues. And the last thing we wanted to do was roll out software to end user devices because we’re now seeing a myriad of smart phones and tablets in addition to desktops and laptops. OpenDNS was quick to set up, easy to maintain and a single dashboard allows us to look after all our clients from the same place. It really was a simple decision and one we would make again.

OpenDNS: You must inherit disasters of all sorts. What’s the ugliest thing you’ve seen?
TM: We recently took on a new client and all the users on their network were complaining of performance problems and other random issues. The network had over 200 viruses and a ton of malware. This was mostly because there wasn’t a comprehensive preventative security strategy in place. As expected, when we put proper precautions in place, including OpenDNS, there was an immediate improvement.

OpenDNS: What’s the best tip you can offer to computer and Internet users for avoiding costly IT repairs?
TM: Security. If you make sure your machine is patched with the latest updates for your software and a current anti-virus installed, and add OpenDNS to the mix, you’ll find most problems are prevented in the first place. Beyond that, I’d advise not to install applications or free software that you don’t need.

OpenDNS: What about a tip for small businesses who can’t afford an in-house IT person?
TM: Find a local IT support company that offers proactive, unlimited support. This way you get the benefit of having a whole team of specialists to look after your IT. Just make sure the service is unlimited. That way your IT support team is motivated to prevent issues rather than wait and charge by the hour for fixing the inevitable.

OpenDNS: What’s one thing people should do before picking up the phone to call their IT guy when they think there’s an issue?
TM: Turn it off and on again. It probably seems too simple to work, but you’d be amazed the amount of people who call us with problems that a simple reboot would fix. Going beyond that, a search in Google often finds a solution in no time at all. Just remember to be specific in your search, type in the exact error you are seeing. The odds are someone will have seen it, and fixed it before.

Thomas Mitchell runs TechSolvers, an IT and Managed Services support consultancy in the UK. Want to answer five questions for OpenDNS like Thomas? Email your OpenDNS success story to Success@OpenDNS.com.

Attention Managed Service Providers: OpenDNS can protect your clients, too. Click here to learn more.

Nope, that’s not a typo in the headline, we had our best week ever, for the last two weeks running. It’s a great pleasure to run a company that has grown consistently since its inception five years ago. Being able to watch important metrics climb up and to the right is a joy not all companies are afforded, and we don’t take this success for granted. We’re focused on innovation and improving the status quo when it comes to DNS and security — we owe it to each of you.

In our kitchen we have a KPI (key performance indicators) dashboard that every employee at OpenDNS can see. It covers an array of important metrics that provide critical insight into the health of our business even including our day to day financials. I’ve always run OpenDNS with a keen focus on numbers and I believe we can run the best company by sharing the numbers widely. Being able to see the numbers causes everyone to think about their contribution to the metrics that matter and how they can have a positive impact on the company (less support requests, improved performance, better traffic engineering, etc.) I believe looking at the numbers can guide a business unfailingly — Numbers don’t lie (though their interpretation is often a good fodder for debate!).

Today I’m delighted to report some exceptional numbers. OpenDNS has recorded its two biggest weeks on record. We are now regularly handing over 32 billion requests per day during the week (some of you seem to take a break on weekends). Best of all we’ve done this with zero downtime, as we’ve never had downtime in our entire company history.

I believe in our mission unwaveringly of making the Internet safer, faster and more reliable. And I can’t thank our users enough for their support of that mission. Also can’t wait to share more the cool stuff we’re cooking up.

PS — Some of you have already asked me about what we’re using for our KPI dashboard. We built it ourselves and I’m going to suggest the engineer who created it write a post about how it works.

OpenDNS runs PhishTank.com, the largest clearinghouse of phishing data on the Internet. So we’re often the first to see new, particularly sneaky phishing attacks. The one we’re sharing with you today is both of those things.

At the surface, this scam looks like hundreds of thousands of others we’ve seen over the years. It impersonates an HSBC Bank website and encourages people to enter their login credentials, which would then, presumably, be stolen and used nefariously. While any kind of phishing is gross, it’s what’s happening behind the scenes here that’s particularly alarming.

Simply put, the scam actually turns 404 errors into phishing websites. So this phishing website returned 404 headers to your browser, which normally tell your browser that the website you’re trying to load is down or can’t be found. Instead of saying a page couldn’t be found, their “error” page just looked like HSBC Bank’s website to visitors.

The reason this is especially crafty is that it completely circumvents one of the primary ways PhishTank tests if a phish is still live and functional, which is watching for 404 errors. Normally a 404 would only be returned after the offending website was fixed, indicating the content is no longer available. However, a website administrator can put whatever content they want on their 404 error page. This is exactly what we saw happen. By returning a 404 error, but still rendering the phish, the website administrator avoided being caught by Phishtank. But not for long.

Our exceptional community of security researchers, IT professionals and academics, quickly identified the phish and verified it, blocking it for more than 30 million people around the world instantly. And OpenDNS engineering is working now to update the way PhishTank works to make sure we catch these types of phishes without delay going forward.

The moral of the story here, and the moral to every story about Internet security: the bad guys are crafty and constantly trying new ways to trick Internet users. Security companies like OpenDNS need to be vigilant and work with the security community to quickly react to threats and always stay ahead of the bad guys. You can bet we will continue to do just that.

Update: The phishes referenced in this post were submitted by PhishTank community member Michael Molsner, who works for Kaspersky Lab.

Editor’s Note: Kids are more connected than ever these days and OpenDNS is the preferred choice to keep them safe online. But we wanted to take a deeper look at how kids today are balancing time online and off. To get some insight, we talked to Jonathan Rhodes, IT Consultant for the Cole YMCA.

OpenDNS: Kids are more connected then ever these days. How do you help kids balance active choices with the time they spend online?
JR: It’s been my experience that kids will choose to be active if the option is there. At the YMCA, I often see kids playing basketball after putting their backpacks down in the stands. Classrooms are getting more and more technologically sound and because they are surrounded by technology all day they seem to appreciate the opportunity to set it aside to run around and play with their friends.

OpenDNS: What trends do you see in kids using the Internet while away from home?
JR: You might be surprised to hear this but one thing that really impresses me about the kids I observe on our network is that they make really responsible choices. Our local high school provides some of its students with laptops to take home and I see many of them using our free Wi-Fi to finish up homework assignments or do research before hitting the basketball courts or the pool. The schools trust the kids to use technology responsibly, and since we go one step further and protect our networks with OpenDNS, it’s easy for them to focus on schoolwork.

OpenDNS: What can facilities like yours do to help parents understand the importance of Web security for their homes?
JR: While the children are in the YMCA their browsing is protected from malicious sites and adult content. This is as much for the protection of our network and guests’ equipment as it is for the parents’ peace of mind. We let parents know how we filter content so it’s easy for them to replicate the same OpenDNS filtering settings at home, but we also want them to teach them about Phishing and malware.

OpenDNS: Why do you love working at the YMCA?
JR: I came to the YMCA for the first time at age 25 and this place has had such a positive impact on my life. Everything about the YMCA is geared toward health and wellbeing. Whether I’m installing network computing equipment and making choices on the best security and content management programs to support it or I’m coming for a strength training workout, I just love being here.

OpenDNS: What are your favorite offline activities?
JR: I enjoy strength training at the YMCA, as well as spending time with my family, and reading tech news. Okay, that’s online, but I can’t help myself!