OpenDNS, a San Francisco based startup founded by Minor Ventures and David Ulevitch, first launched in mid-2006 as a free tool to speed up web surfing and protect users from phishing and other malware sites.
OpenDNS isn’t exactly a sexy service. Users have to do some basic configuration of their computer to get it going, and once it’s running they rarely see it again.
Here’s when you do see it - when you type in or click a link to a “bad” site, OpenDNS redirects you to their own page instead, which includes search results and contextual ads. The site has become a hit with schools and businesses that want to filter out any of 50 categories of websites (things like gambling, porn, social networking, etc.). Users can also whitelist or blacklist individual sites.
The service now has 500,000 registered accounts. But the real number of users is far more than that. You don’t have to register to use the service. And a single registered account can represent tens of thousands of actual users. Ulevitch says one school account has 36,000 users, for example. Another account, a hospital, has 5,000 beds and wifi for patients.
The service resolves about 7 billion DNS queries per day and serves about 2 million search pages per day. Revenue from search pages brings in as much as $20,000 per day. They currently work exclusively with Yahoo, Ulevitch says.
All that ad revenue lets OpenDNS offer its core service for free. That means organizations can add spam filtering to their networks without paying up to tens of thousands of dollars for competing filtering solutions.
OpenDNS also uses their community to drive new features and tag new malware sites. Users submit ideas and vote on them in a Digg-like interface. And when a user blacklists a site and tags it with a category, other users are asked to verify. If they do, the site is added to the general category blacklist as well.
I’ve been using opendns for 6 months and have been pleased. The best feature is easily blocking domains & ad servers. Adding a few such as doubleclick.net & oa.techcrunch.com (sorry michael) will speed up your downloads and reduce website clutter.
I’ve wanted filtering to go context-based instead of website-based. Maybe I want to go to YouTube to watch a tutorial on how to use something (relevant to work or school). Maybe a newspaper has an article that is not suitable for children but the filter wouldn’t probably notice.
Obviously there are sites that focus on a very specific topic but then there are others that have a bigger spectrum of content. What happens in that gray area? as that article mentions, sometimes not filtering can save companies money.
7.3 million is a nice start - but that growth will need to continue.
Every time I see things like this, I kick myself in the ass for not being the one to think of it. Such a simple, obvious thing to do.
I agree, Aubrey. This concept was tried many times before (NetNanny, etc..) but OpenDNS’ implementation is so much more elegant. Makes me wish I had thought of it :p
How do they make money from the search, I don’t understand?
The search results are powered by Yahoo and include ads. OpenDNS gets a cut of the of the revenue generated from clicks.
google.com/search?q=hosts+file
addons.mozilla.org/en-US/firefox/addon/1865
Put that in your address bar. Those are much more elegant solutions. The latter is the preferred solution of the Digg generation. No one in the tech world dares to blog Adblocker Plus. That honor will be mine tomorrow as I defy conventional wisdom on TL.
http://offur.com/BetterThanTechCrunch
Have been using and promoting this service for ages.
One thing that really irks me is that they still haven’t got the domain stats feature up and running again. C’mon OpenDNS it’s a pretty big feature to have down for this long. Although I do understand that the amount of traffic they get makes things a bit hard.
If they served Google ads I am sure the revenue would be much higher as their is a larger volume of advertisers and higher click prices.
Good for them. At my old high school, we used OpenDNS for filtering.
Kudos to them because it’s a great service but wouldn’t “Closed DNS” be a more appropriate name?
After all, there’s nothing at all “open” about blocking things.
Free? Yes.
Innovative? Absolutely.
Open? Not so much.
I am willing to bet that oversee.net tries to acquire them, if they can afford it…
A great idea.
I’ve been using this for quite some time and I don’t understand why more people don’t. Any home/soho router I get my hands on I automatically put OpenDNS resolver IPs in.
Set it and forget it.
I will not use these guys until they promise to not squat on typo domain names their users accidentally type in. . . I bet this is where they make most of their money . .. or even better. . . where David pockets it for his private bank account.
If you guys think verisign to be shady, these guys has the potential to be even more shady. Someone really need to either regulated or audit their business practices.
@Markus — We’re open in the sense that we give you the knobs and tools to manage the DNS coming into your network. Let in the good and block the bad. We’re also open in lots of other ways, but ymmv. There’s not a feature we offer (afaik) that you can’t adjust or turn on or off in your account.
@No Name Yahoo — The company has never done that, nor have any employees including myself. The first reason we haven’t is that it would be a violation of trust. The second reason is that all the domain are already taken. We once looked at it, out of curiosity, and we determined that even if we weren’t ethically opposed to it, there was no financial justification for it either. e.g. it would do more to harm the company than it would to help it.
We have been using it since the day it debuted……
Would be interesting to get an analysis on just how much it actually speeds up Web surfing
I’ve been a big fan of their services over the years. I started using them when my ISP was having issues with their name servers. I keep reminding myself I should play around with their shortcut feature as it sounds useful.
Awesome. OpenDNS is one of those companies whereupon hearing about it you just have to say “ahaaaaa”. Congrats to David for having that aha moment way back in 2005 and executing so well since…
@David … I think you guys offer a great service, and I’ve been running it on my home router for several months now. Congrats on the well-deserved coverage.
I currently live in a market where 10s of thousands of households can benefit from the service OpenDNS provides, but there is a general lack of technical know-how among parents that requires some hand-holding during router setup. (The kids know what what they’re doing, but asking them to install OpenDNS is like asking the fox to guard the henhouse.)
There is also a need for some OpenDNS account management automation (for example, to enable time-based domain filtering to blacklist certain domains/categories at night).
I’m wondering if OpenDNS has some sort of API that developers can hook into to manage accounts, or if you’re open to partnerships with external developers to make this service accessible to less tech savvy folks?
So simple, yet so smart!
wow, so simple and so nice
This is great. I have been suggesting openDNS to to all my friends for some time now.
C’mon, people. Is this a technology blog or a gossip blog?
Have you ever heard of IP address?
At any operating system you can use nslookup to lookup for an ip
address.
Students and employees don’t know about nslookup, but they will once this king of dns block becomes prevalent.
Pishers can also use IPs in HTML links.
Try it some time. Dosen’t work for TC or 99% of other sites. http://64.207.133.151/
“The world’s largest, fastest-growing DNS service provider”?
Would it not be more precise to describe it as a service based
on adulteration of DNS results (NXDOMAIN and beyond), even though
OpenDNS usually shows up in discussions as morally superior to similar
businesses?
Please note that I’m not questioning the personal ethics of those
involved in the project. I would not dare such a judgement, and I
do not believe it to be a relevant issue in the long term: successful
companies may well outlive their founders and their founders’
principles..
How often, instead of being ‘opted-in’ by individual choice, will
OpenDNS affect ‘thousands of households’ at once —
allegedly for ‘protecting the poor children’ (from their absent
parents’ latest fears) or ‘protectiong the poor adults’ (from their
lack of education and poor judgement when faced with junk email,
fraudulent web sites, or ‘offensive’ content)? Changing personal
settings on a individual basis and by individual choice is fine, but
when service providers — and, ultimately, government wishlists —
become involved, free markets sometimes are not enough for freedom of choice.
Protection by blacklisting in a vigilante mindset (even when
based on voluntary work instead of from a corporate source)
usually reaches far beyond the original goals and attitudes.
Only a few days ago a client of mine noticed that his site
could be blocked by Kaspersky tools in Windows systems.
His site is a detailed discussion of a 15th century painting in its historical context.
The cause for blocking: having been labelled by someone as ‘violent’.
In my point of view, however, the problem begins much earlier than the
blocking of consensually false positives. As it seems to have been
mostly forgotten in this age of symbolical correctness, freedom of
speech means the freedom of the speech that most of us would find
objectionable or ‘dangerous’.
In the end, this is more than an issue of Internet neutrality.
OpenDNS is one of those tools which in the eyes of many seem most
desirable additions to the infrastructure, ultimately one more tool
for crime prevention. Too often, political leaders are eager to
delegate to magical ‘technical protection measures’ and ‘industry
self-regulation’ powers which in a healthy society should stay the
province of the law, the courts or the police. They are well aware of how in our current ‘terror’-oriented civilization:anything which helps (or seems to help)
prevent crime is automatically perceived as lawful and morally acceptable.
In this context OpenDNS is indeed bound for success, since it is,
technically speaking, in the business of censorship. As with other
forms of ‘protection’ we have witnessed, it may well start with the
best of intentions, the highest ethics and extreme convenience. The
issue here is not one of blaming OpenDNS for all the poor choices
their customers end up doing. However, as citizens, we should
remember that corporate values and law/order/justice are best kept
separate and independent. Centralizing not only DNS-altering rules but also huge amount of access data, OpenDNS is a tempting target and tool for those who already now want to delegate police work to ISPs.
No, I am NOT defending that some government agency should take over a similar role…
I’m running OpenDNS at home because on my reasonably fast (6mbps) cable connection, the Road Runner DNS servers crawl.
At my middle school they run Squid/DansGuardian (for the filtering, obviously.)
I must say OpenDNS looks decent for filtering, but it shares the flaw of nearly all “filtering” solutions: it can be bypassed by proxy. It can also be easily bypassed by pinging the sites you intend to go to from home or an unfiltered friend’s house, writing down the IPs, and using them directly. Will stop your casual gamer or (possibly) your casual voyeur, but nothing will ever stop a determined, computer-savvy 13-year-old.
I could write for hours on the evils of filtering, but instead I’ll say this: freedom of speech and freedom of information should apply to all. All. Everyone. Not just adults. And by limiting children on the computer, parents prevent their children from developing unfathomably valuable skills, skills that cannot be learned in any classroom.
Computer classes teach you how to make pretty shapes in Word, not how to get around the UNIX command line, program in PHP or Django, or deploy a dedicated server with lighttpd, fastcgi, and MySQL 5 with InnoDB turned off to save memory usage. For stuff like that, one needs to be able to truly use their computer and not be afraid of “breaking” it. (I’ve reinstalled Mac OS X once an on ancient iMac, and “broken” and re-imaged Debian, Ubuntu, CentOS, and Gentoo dozens of times. Several of those, though, I just decided to wipe the slate clean and see if I could do it all again.)
This was a topic of my This I Believe speech for English last year (7th grade).
Expulsion will generally stop a 13 year old from viewing porn at school. After the expulsion, the kid will be using someone else’s computer.
IT can just setup a whitelist of approved IP addresses. There’s no getting around that (not even with proxies), since only traffic to approved services would go through.
Obviously, this would mean using Yahoo or Live for search, to avoid the Google Cache and Translate loopholes…
I should add: ironic, isn’t it, how something web2.0ey, cool, and “open” makes so much on censorship utilities.
@Jacob: I agree–bitterly ironic. Sounds like the name came straight from 1984
It is scary that what is effectively a censorship tool is popular enough to bring in 500,000 accounts. I’d be willing to bet that at least 90% of those accounts are network admins who use it to censor other people rather than individuals using it as a personal ad-blocker or anti-phishing tool. And that’s pretty sad.
You guys sounds retarded with your censorship argument…They are providing a good, FREE service for a lot of businesses. Don’t be jealous that they are making more money than you.
@David: Are you still serving search results from your very own Google proxy servers when an openDns user searchs for anything in Google?
That’s why i have stopped using the awesome service. And i never will use it again as long as you continue doing that.
Btw, what do you do with all the data you collect?
Mark — We don’t do anything with our data that you can’t see. We don’t sell it or share it with anyone. And like everything we offer, you can turn off whatever you don’t like, including the stats collection (which are for your benefit).
On the money Mark.
http://www.conceptualist.com/2.....f-the-web/
@jacob, obviously you are too young too see the point of filtering in a school and corporate environment. Yes, you are correct that there are always loopholes around filtering software. But for the 99.8% of the horny 13 year olds, the filtering system does just fine in protecting the school/corporate/whatever environment.
And regarding the rest of your irrelevant post… congrats, you want a cookie? Because I’m sure we’ve all done what you just mentioned blindfolded.
I would use it if they would allow registered users to have a free domain name, such as http://www.domain-name.opendns. They could create a new and free tld.
Are there any tests to show OpenDNS is faster?
It seems strange that it would be, as both OpenDNS and your local ISP would have cached entries for most domains, but your local ISP would be much closer than OpenDNS’ five or so locations…
For example, if I ping OpenDNS’ ip, it is 38ms response. My own ISP (Rogers), is 9ms. I doubt the actual domain lookup could be enough of a factor to offset this difference, particularly with cached domains.
PS. I was pinging OpenDNS’ and my ISP’s _DNS_ servers. I didn’t make that clear. Would love to see a comparison from someone who actually knows what they are talking about
David,
Is the log information you collect (such as logs of Google searches) stored in such a manner as to be available if necessary for responding to a subpoena? Or is it physically removed after a certain time window? What is that time window, exactly, if any?
Thanks.
Good conversation. Could someone — Mark Kaplan, David himself — explain the paragraph in post about only working with Yahoo vs. the comment re Google proxy servers?
Thanks.
OpenDNS has an exlcusive advertising deal with Yahoo. The “google proxy” is so that OpenDNS shortcuts work when you have the Google toolbar installed. Paranoids read more into it than what is there.
I run porn sites for a living, and I was worried about censorship too. I just tried using OpenDNS and I found all my sites work fine with a base install, so I guess you have to manually set it to filter adult content, which is great. My new free porn tube site worked fine too, and we use Squid.. No problems. http://www.norp.com if someone is interested. As far as the adult industry is concerned, we can’t ask for anything more than that!
We’ve been using OpenDNS for all of our computers and it’s fast and reliable. We have not experienced any outage for at least one year or more, can’t remember!
The only free thing in this world is the cheese in the mouse trap.
I wasn’t aware that OpenDNS is altering, not just blocking; knowing this now I will never use it, nor recommend it!
The OpenDNS service is fantastic. I have been using it myself for more than 12 months and have also set it up for a number of home and SMB users.
Agreed that the use of “Open” is an unfortunate misnomer.
But overall, I say congratulations to OpenDNS for a fantastic service that has continued to improve - for example, a couple of months ago the granularity of categories was greatly improved.
Tried to use it and noticed speed problems. My isp’s dns servers are faster.
OpenDNS is a great idea.. This will help protect businesses and parents who want to filter certain sites..
OpenDNS is nice, but unfortunate it’s funded by advertising, the very thing that delivers most of the spyware/malware you get. While they set out to do a great thing, I think greed got the better of them. In my opinion it would have been much better to offer the service for a fee rather than to resolve typos and non-existant domains to ads.
As an IT consultant I grew very tired of cleaning up spyware/malware and the expense of hardware/subscription based content filters, that’s why I came up with my own solution: DNS Redirector - which was publicly available ~3 years before OpenDNS.
Today I’m left wondering if I have put myself out of a job, because my customers who used to call all the time with problems related to porn or advertisements just don’t have those problems anymore.