My cousin was one of the many people to send me a link to David Pogue’s blog post at the New York Times titled “A Faster Web–for Free” about OpenDNS and how much he and his wife love it. That’s just awesome!

For those of you who don’t know, David Pogue is the consumer technology superhero for the non-geek population. In addition to his usual column he also does a bunch of really great video podcasts that you can watch.

Pogue writes in his column:

“In short, Open DNS works by caching Web-page requests from its thousands of users, so that the site you want is blasted to you in a fraction of a second.”

Just to clarify, we cache the DNS requests only. DNS is the part of a web request where your computer says “how do I get to site xyz.com?” DNS is a significant part of the latency in your web experience and that’s where a large part of the speedup comes from but we don’t actually cache web pages from other sites.

Courtesy of Matt Marshall, I was asked to contribute an article to VentureBeat. You can read my article, “Why do we pay Internet Bad Guys?,” in its entirety over there or below. Matt has some really great stuff on VentureBeat, so go check it out!

Two weeks ago Auren wrote a dead-on post about the Black Hat Tax that really struck a chord with me. I’ve been paying the Tax for five years with my first company, EveryDNS, and for a few months now with my current start-up, OpenDNS. The problem has become much worse in the last few years. Why? Simply put, bad guys are getting paid. Moreover, the Tax is on users as much as its on businesses. Today we see phishing sites, malware and spyware sites growing at an astounding rate.

Consider the example I cite often when discussing the issue with friends: goggle.com (see image below; not providing a link, bad site), the site that might be the most insidious of all typo squatting and malware sites on the Internet. Goggle.com, an obvious typo of google.com, offers an anti-spyware product called SpyBouncer in addition to being filled with pop-up ads (nb: SpyBouncer claims the copyright on the bottom of goggle.com). The website makes a user believe that their computer is currently infected with spyware and that installing SpyBouncer will get rid of it. They say it’s free to try and the program conveniently finds spyware which it will remove for a price, of course.

Symantec and others all claim that this product is a total scam and that it neither detects nor repairs spyware with any accuracy. Thanks to the accidental traffic that lands on goggle.com by unsuspecting users, SpyBouncer has no incentive to make a good product, they can just fool a new batch of users everyday.

Why does a site like goggle.com exist? Because crime pays, but that’s hardly news. Why it doesn’t get shut down by its webhost (DataPipe) is a good question for another time. What I do want to know is… why is SpyBouncer allowed to run Google ads on its Web site (as they do on the top)? Why are these kinds of abusive software programs allowed to purchase AdWords campaigns luring even more users into this trap? Why is Revenue.net paying SpyBouncer to show ads on goggle.com? Why is Google accepting money from fraudulent advertisers which continues the cycle of malware and spyware? This is why users react so negatively to online advertising. It’s not the relevant and unoffensive advertising that they bemoan, it’s the scams and tricks the advertisers and advertising networks spread around the seedier neighborhoods of the Internet.

These kinds of abuse are pretty bad, but what bothers me more is that much of it is being facilitated by companies I respect and admire. People like Ben Edelman have done a lot of research showing the connections between companies like Yahoo and fraudulent advertising practices but that’s not enough. There are so many layers and levels of misdirection that it becomes hard to tell who is paying who and why. As the CEO of a company operating on the Internet, I’m spending money dealing with Internet bad guys who are getting paid to annoy me, my employees and my users. Everyone is wasting their time dealing with this crap while the folks in the money trail keep taking their cut and passing on the buck. When I asked my users what they thought about goggle.com I saw a nearly unanimous response of outrage and frustration. Hundreds of users spoke out on our corporate blog and on sites like Digg.com venting at the absurdity of a site like goggle.com.

It’s time that ad networks cleaned up their act and started being more transparent about fraud and abuse. It’s time security companies started fighting the causes of network abuse and not simply the symptoms. There will always be a Black Hat Tax but right now legitimate companies are making it more expensive. That has to stop.

For the audio-inclined, I wanted to share with you two recent clips about OpenDNS.

The first is an interview of David Ulevitch by Mark Howson of The Mac Nurse, conducted via Skype on July 20. The interview runs a bit over 14 minutes. Go listen for yourself (link is to web page, not file). Mark put together an interesting slideshow on top of the audio interview.

The second item for your listening pleasure comes courtesy of David Redekop, one of the founders of Nerds on Site. David and his colleagues join host Ryan Spence every Tuesday to talk about technology on Ask the Experts, on Newstalk 1290 CJBK, in London, Ontario, Canada. This past Tuesday, July 25, Redekop told Spence (and his audience) about OpenDNS.

Listen to the MP3 (6 minutes, 53 seconds; 1.6MB). Redekop explains DNS, explains phishing (and how DNS can help…more on this soon), and explains OpenDNS. I’m pleased to hear that he’s been using OpenDNS since he heard about it, and considers it for his clients.

I would clear up one point from the Ask the Experts segment. The search results page you see if

1. OpenDNS cannot resolve the entered domain
2. OpenDNS cannot fix a typo

has both organic (unpaid) search results and clearly labelled advertisements. Redekop says he think that OpenDNS is a service worth using even if all the results are ads on that page (thanks!), but I wanted to clear that up all the same.

Note: In describing OpenDNS, Redekop throws out what he calls “the old phrase”: “There’s majesty in simplicity and simplicity in majesty.” I didn’t recognize the phrase, but a bit of poking around leads us to Alexander Pope, the English poet.

There is a certain majesty in simplicity which is far above all the quaintness of wit.

Learn something new every day.

One week ago, OpenDNS opened up its free DNS service for everyone to use. It’s been a fun week, with lots of feedback. It’s great to be listening to customers, rather than predicting (guessing) what the reaction will be.

We’re reading everything and responding where possible. Probably still a few dozen of you who deserve an email response… it will come! Most of our public responses have been on individual blogs, to make sure the individual sees the response. David, our CEO, has been an active member of the NANOG and dns-operators mailing lists for years, and he’s contributed in those forums, too. We’ve heard from you over the phone, via email, via blog comment, in person and over IM (our team addresses are listed).

I’ve been flagging blog and media mentions on del.icio.us, and you can see the most recent 20 items listed in the OpenDNS press center. Or you can watch the del.icio.us page directly, if you prefer. Not every reference is positive. Fine… we learn a lot from listening to our critics. If we’ve missed a worthy reference, please bring it to my attention, either via email or even via a for:pencoyd tag in del.icio.us.

So far, we’ve been adding to our FAQ to address concerns and questions which we’ve seen come up in multiple places, whether blogs, articles, email or IM. If you haven’t read the FAQ in a while, take a look. It doesn’t shrink!

It might be more helpful for us to start responding on this blog, too. In the next few days, we’ll provide more details here about our identification of phishing sites, how we’re handling DNSBL and mail servers (hint: click on the new preferences link, top right of every page), our network buildout, additional stats and more.

Note: one of our favorites, a thorough review, with actual testing of the speed for that individual.

Tom Merritt and Veronica Belmont from CNET Buzz Out Loud took a few minutes on Monday to talk about OpenDNS.

Listen to the brief clip about OpenDNS (3 minutes, 10 seconds long; 1.5MB).

Thank you to Tom and CNET for permission to host the clip, which was pulled from the Buzz Out Loud show for July 10, 2006. They make tech pretty fun every day.

In the clip, Tom does a good job succinctly explaining what DNS is before talking about the service more broadly, rightly saying that it’s a pretty easy switch to make. Tom tried it personally, and both of them liked the idea (listen for yourself).

Tom and Veronica also discuss how OpenDNS interacts with corporate networks, and that’s something we should explain more.

Internal resources — for example, a web tool you might use for reporting vacation days — often takes advantage of local DNS resolution. In that case, using OpenDNS may prevent you from getting to those resources and you will have to turn off OpenDNS while you use them. There is no logical way for us to address internal resources, yet. On a related note, if on a VPN to a corporate network not using OpenDNS, you will be using the corporate DNS server, rather than OpenDNS, until you leave the VPN.

Of course, we encourage network admins to use OpenDNS as a forwarder, where internal requests are handled internally, and external requests are handled by OpenDNS. Happy to provide more details and help to anyone interested.