DNS Override


  • Vivaldi Translator

    I am assuming Vivaldi will be setup to offer Opera-style portable installs. If used on a foreign PC, it would be handy to be able to bypass the ISPs DNS Would it be possible to add DNS lookups the same way as adding proxy info to a browser ? I have my network drivers configured to only use DNSSEC capable DNS, and I would like the same security in a portable install. What I would also like to see; alternative DNS lookup, inspired by Perspectives as a way to help avoid DNS pollution. At least 3 or 4 DNS (using DNSSEC) on separate networks must agree on the IP. This could either be in a new TCP stack (driver) or internal to a browser. Could test the chosen DNS regularly for redirections/blocking and DNSSEC. If no extra load, then the status can be tested with each request, otherwise check during launch or daily updates. User can be notified of a discrepancy and either blocked or sent to the most agreed upon URL. Security profiles can be based on the same percentage of agreement style system used by Perspectives, and the user simply activates Low, Medium, or High. Connecting via BT in the UK, I can access 8 DNSSEC lookups. 5x UUNET 2x Google 1x BT So I only get to use 3 separate networks :( I used Steve Gibsons DNSBench to find the servers I can use. Out of over 4k DNS, less than 200 were available/responding from my location. DNSBench cuts the list to the fastest 50. I may be able to access more (but slower) DNSSEC cabable networks. If the list of DNSSEC servers is so small, maybe it can be updated into the browser ?



  • @dr-flay Some of this has been addressed, like the 9.9.9.9 proxy DNS that can solve pollution of DNS - but this is also a place where Vivaldi can be different.
    It can cache by reading the local /etc/hosts file - and verify these addresses against what the net responds.
    It should also be possible to detect all https hosts, and keep their IP addresses in a special file, or very simply, allow us to name "special hosts" - like the IP address to your bank and its web services. Then we can be alerted should the IP address change, which is what the scammers do: pollute the DNS somewhere and redirect us via their server, allowing them to tap in and obtain our passwords and other private information, to impersonate us and with full access to the banking system, they can use our funds.
    Then you have your two valid arguments, to be able to name the main DNS will allow us to jump government censorship, and also make DNS faster.


Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.