The German politicians are currently still pushing laws to censor the Internet (they actually managed to pass one law, now they are trying to defend it and broaden the spectrum of things to censor). It all started out as a good thing, they were trying to eradicate child pornography. Instead of having the child pornography simply removed from the Internet (which has been proved time and time again is fairly easy), they used the topic to implement general Internet censorship instances. Censorship is bad, and what pisses people off most is the fact that the “censorship” just puts up a big red stop sign in the browser of a user when he surfs to a page on the blacklist, and anyone with enough computer experience to turn a computer on and surf the Internet is more than able to bypass the current “censorship” and surf to any website he wants to.
Back to the reason I’m writing this post 😉 DNS servers are the servers that turn , for instance, www.google.de into the computer understandable IP Address of the server (so your browser knows where it has to go to get the pages). DNS servers are a fundamental part of the Internet as we know it. In a nutshell: A politician from the German SPD party stated that anyone running his own DNS server *) is supporting child pornography because he (or she) bypasses the efforts of the German politicians to use the DNS servers of the Internet providers to censor websites. To make this strange mental leap of the SPD even more funny, the SPD has a DNS server that anyone can use and (since certain institutions were explicitly exempted from the censorship laws) doesn’t censor anything.
Let’s look at the list of DNS servers from the SPD:
$ dig -t NS spd.de
spd.de. 26100 IN NS ns1.arcor-ip.de.
spd.de. 26100 IN NS ns2.arcor-ip.de.
spd.de. 26100 IN NS ns3.arcor-ip.de.
spd.de. 26100 IN NS dns2.spd.de.
aha, let’s have a look at dns2.spd.de since it is the only one not from a large Internet provider
$ host dns2.spd.de
dns2.spd.de has address 195.50.146.131
$ whois 195.50.146.131
inetnum: 195.50.146.0 – 195.50.146.255
netname: SPDINET-NET
descr: Sozialdemokratische Partei Deutschland
descr: Wilhelmstr 141
descr: 10963 Berlin
country: DE
admin-c: FH1138-RIPE
tech-c: ANOC1-RIPE
status: ASSIGNED PA
mnt-by: ARCOR-MNT
source: RIPE # Filtered
yepp, belngs to the SPD, let’s check if it resolves hosts for us …
dig @195.50.146.131 dopefish.de
dopefish.de. 3600 IN A 188.40.34.99
Works fine, that means we can tell our computer to not use the DNS servers from our provider, but use the one from the politicians who are helping to push Internet censorship.
*) Yes, I know the differences between DNS servers, recursors, … I’m just keeping it simple.