As Internet-connected devices continue to proliferate, it’s no longer uncommon for students to take notes on their laptops, iPads or even their Android phones. Because these devices are used both for work and for play, and roam off and back on to the school’s secure network, they are at a much higher-risk of malware infection. This makes the job of the school’s IT team — protecting the network from malware, and keeping students safe — much more difficult. That’s why the college’s IT team turned to OpenDNS Enterprise.

Aside from providing straightforward and easy-to-manage Web filtering, OpenDNS Enterprise is uniquely capable of both preventing access to sites that host malware, and ensuring devices that are already infected can’t communicate back to their online hosts.

The good folks who managed the set up of OpenDNS Enterprise for Southwestern Michigan College explained: “Our filtering requirements are minimal so we could no longer see the value in paying for a product like Websense. OpenDNS Enterprise not only meets our filtering needs in a straightforward way, it gives us an added layer of protection for our students by blocking malware. That makes it a much better value than anything we’ve used in the past.” You can read more about how Southwestern Michigan College is using OpenDNS Enterprise here.

If your company is using OpenDNS Enterprise to solve an interesting problem, give us a shout at Success@OpenDNS.com. We’d love to share it right here.

But we’ve only scratched the surface of what we want to do, and we’ve not yet delivered a version to our friends running Windows.

We first released a version for Mac, and that prioritization decision was met with many questions about our logic. I’ll shed some light here. Simply put, we’re almost exclusively a mac and unix shop here at OpenDNS and our developers were most comfortable building for what they know. But most of the world still runs Windows, and in order for DNSCrypt to have the greatest global impact and really, really increase privacy and security on a massive scale, a Windows version must be built.

That’s where you come in. We’ve ported the core DNSCrypt code over to Windows, but we’re not a Windows shop. We aren’t .NET hackers. And we need some help to get there. In fact, (literally) millions of Internet users want to use DNSCrypt on Windows today. The work we need help with will be felt by millions of people.

It’s not often in your career that you’ll be extended an opportunity like this. As a matter of fact, this could be the only opportunity you’ll ever have to make this sort of impact. You build this software, and you’re a hero.

It’s OK if you have another full-time job. We’re happy to have you on a contract or part-time basis. Or if you don’t have a full-time job and want one at OpenDNS, we’d like to talk about that opportunity, too. Because you’re a world-class developer. And because like us, you truly care about making the Internet a better, safer place and being a part of one of the greatest innovations Internet security has seen. Ever. Our compensation, benefits, and perks are first class. And, whatever development environment you need, you got it.

So email me. david at opendns dot com. Do it. Point me toward your credentials and tell me why you’re the man or woman for the job. Show me what you’ve built.

I look forward to hearing from you.

Recently ICANN, the global body that oversees the Internet and authors its policies, announced a plan to make available a throng of new top-level domains. Preexisting TLDs include .com, .net, .org, .co.uk, among many others. Twenty-two in total. The new ones are seemingly designed primarily to help businesses and spur economic activity. The new domains can be grouped into two classifications:

- .xxx: Designated for websites that include pornographic content as a way to easily differentiate them from non-pornographic sites.

- Generic TLDs, or “gTLDs”: Basically turns any brand or term into its own TLD. .Pepsi, .Apple, .Football or .Money, for example.

The release of both new groups of TLDs raises interesting issues for OpenDNS. Today we are the largest recursive DNS provider in the world, with more than 30 million people using our service. (Nearly doubling our traffic in the past 1.5 years.) We’re the innovator in the DNS space, as we introduced the concept of building security directly into the Domain Name System. Phishing protection came first, followed by typo-correction that helps people route around typo-squatting. Then Conficker protection and most recently, the most game-changing malware-blocking service, available to users to OpenDNS Enterprise.

But as we’ve seen countless times, with more ground to cover comes more fraud and crime. Many critics of ICANN’s move to add more domains see the potential for more:

- Cyber squatting, which is the practice of registering a domain using a trademarked brand that doesn’t belong to you. Highly annoying to Internet users and costly to brands.

- Typo squatting, which is like cyber squatting, but using a typo’d variation of the trademarked brand. Also highly annoying to Internet users and costly to brands.

- And generally more cyber crime and confusion among Internet users created by a change to the way domains are structured.

We’ve often said that the bad guys on the Internet tend to be one step ahead of the good guys, making the task of delivering an effective security service both very challenging and in a constant state of evolution. So when supporters of ICANN’s move argue that ICANN has no intention of allowing the new domains to act as a platform for crime, we can appreciate the perspective, but have little confidence that will ultimately be the case. Cyber squatting and cyber crime account for more than $1B in revenue annually, and when that kind of money is at stake, the bad guys find a way to be effective. Scott Pinzon, director of marketing and outreach at ICANN offers the perspective that, “new gTLDs represent a platform for innovation.” And goes on to say, “no one can predict what smart people will do with them. Lots of new business models will be invented. Some will work. Some won’t.” We agree with Scott, but also have a front row seat to the counterpart, sophisticated criminal activity that follows innovation.

Some of you will remember when the country of Cameroon was opportunistically assigned the .cm TLD and wildcarded all .cm domains. The country made a nice profit, but it confused masses of Internet users who’d accidentally made a typo when trying to get to a .com. We acted swiftly and delivered a feature that automatically redirected you to .com when you typed .cm.

In relation to the recent ICANN changes, there’s a great deal we can do as your DNS service to help ensure the Internet remains a safe place for you and yours to browse. It’s unclear at this point how successful these new domains will be and how much traction they’ll see, especially because at an upfront fee of $185k, the new gTLDS are not accessible to everyone.

Have thoughts on the topics above? Agree, or passionately disagree? Predictions for what kind of repercussions the Internet will see? We’d love to hear them in the comments.

How to Block .xxx Using OpenDNS:

In the immediate term, users of OpenDNS services with content filtering that want to block all .xxx domains on their networks can follow a few simple steps. Simply locate your “always block” or blacklist and add “xxx” (without the dot). Hit save and the change will take effect.

As with all of the advanced functionality OpenDNS has built atop our superfast recursive DNS service for businesses and schools – like the Web content filtering, phishing protection, and stats available in OpenDNS Enterprise –  our malware and botnet protection innovates on traditional offerings, and it works on any device connected to the network (including, say, an iPad that an employee brought from home).

OpenDNS blocks malware and botnet attacks before they can infect a network. We aren’t terminating an existing malicious connection, or cleaning up a breach that’s already occurred; as soon as OpenDNS sees an attempted connection to a malicious domain or IP address, we block it. A side benefit is that if an infected device is brought on to a protected network, OpenDNS can make sure that the infection doesn’t spread to other connected devices on the network if they do so via external command and control.

OpenDNS Dashboard Malware Notice

If you’re wondering why this matters: when Vanderbilt University switched to OpenDNS Enterprise in 2010, they blocked 1.5 million malware attacks in the first four months following the deployment. That’s 1.5 million potential data leaks thwarted, and 1.5 million device cleanups avoided.

It’s certainly something to think about, as the threat of malware and botnet attacks continues to escalate.  If you don’t have any malware or botnet protection for your organization, or you’re thinking about adding another layer of protection to your network, consider trying out OpenDNS Enterprise as your first line of defense.

We couldn’t wait to share the story of Shafer’s Tours, which flexibly accommodates custom charters and tours for nearly-endless East Coast and Mid-Atlantic destinations. Operating more than a dozen luxury motor coaches, and serving a wide variety of groups that charter the buses and join the tours, the Safer’s Tours IT team was faced with an interesting challenge: How do you secure the Wi-Fi hotspot on a moving target? The team exhausted countless ideas for how they could conserve precious bandwidth onboard the buses, and prevent malware from being downloaded over the network, but they continued to encounter the same two issues: Installing appliances on every bus is cost prohibitive, and no adjustments or monitoring could be made to the network while the buses were in motion.

As luck would have it, Tim Watson, IT manager and safety director for Shafer’s Tours, was separately evaluating OpenDNS Enterprise for use on Shafer’s Tours corporate network. He quickly realized that the unique way OpenDNS Enterprise handles content filtering and malware protection makes it the ideal solution for securing his moving targets, too. In no time, his team was able to set up OpenDNS on both Shafer’s Tours’ corporate network and the individual WI-Fi hotspots for the buses without installing any appliances or provisioning any software. And, because OpenDNS Enterprise settings can be changed remotely, and updates are delivered in real-time in the cloud, they don’t have to worry about waiting for buses to return to home base to make changes.

Since setting up OpenDNS Enterprise, the Shafer Tours IT team hasn’t looked back. But don’t take our word for it. The Shafer’s Tours IT team tells us, “OpenDNS Enterprise is the only service that makes sense.” You can read more about how Shafer’s Tours is using OpenDNS here.

If your company is using OpenDNS Enterprise to solve an interesting problem, give us a shout at Success@OpenDNS.com. We’d love to share it right here.

Each month, OpenDNS wants to buy dinner for a different user group that’s focused on technology. It makes no difference to us whether your group discusses hardware or hacking, speaks JAVA, PHP or Ruby, prefers servers or the cloud, or is a Mac or a PC (or Linux/Unix/Other for that matter). All we care about is that you’re well-fed while you’re talking tech and that you’ve got plenty of caffeine to keep the discussions lively. And, we’ll provide plenty of sought-after OpenDNS stickers to pass around and a few t-shirts to give away!

If you’d like OpenDNS to help feed the hungry crew at your next meeting, just give us the basic details - how often you meet, how many members, focus for the group, helpful links, etc. – and we’ll take care of the rest. In addition to providing some hearty chow, we also want to feature your user group in an upcoming issue of the OpenDNS newsletter, so we can highlight your awesomeness for the masses. This is your chance to share details of your group with millions of OpenDNS users so go ahead and boast.

We’ve always tried to make the process of Domain Tagging so easy that anyone – from IT Pros to parents to academics – who wants to get involved can do so easily while committing as much or as little time a they’d like. And now we’ve taken that one step further.

Behold! The Domain Tagging Firefox Toolbar!

Until just recently, voting on domains was done by visiting the OpenDNS Domain Tagging community page.  Now, with the help of the Domain Tagging Firefox Toolbar, anyone can easily vote on domains on the fly!  The process is easy.

1. Get the OpenDNS Domain Tagging Firefox Toolbar.
2. Choose how you’d like to vote on domains. You can either tag the domain you’re currently visiting or you can get more involved by switching to “Random Domain” mode.
3. Once you’re on the domain you’d like to tag, select from one of the 56 categories available from the drop-down menu.
4. Click “Vote Yes.”
5. Pro tip:  Clicking the “Auto-Cycle” checkbox will automatically take you to a new website to vote on once you cast your vote!

That’s all it takes to make the Internet safer! Once a domain gains enough votes, it moves its way into a separate queue where it is then reviewed and finalized by the OpenDNS team and our worldwide army of OpenDNS Domain Tagging Moderators.  The more votes you cast, the more you help to strengthen the OpenDNS Community and sharpen the content filtering blade.

It’s important that before you use the toolbar, you read through the category descriptions to make sure that you fully understand them and read through the toolbar info page for smooth sailing.

So come on down and cast some votes!  The more you vote, the more you help.  And the more you help, the stronger OpenDNS gets for 30+ million OpenDNS users around the world!

As the world’s largest DNS provider, more than 30 million people rely on OpenDNS to connect to the Internet. Without functioning DNS, you’d need to know the IP address for every website you visit. And lots of parents, schools and businesses rely on our website to manage their DNS and Web security settings. All that said, taking our service or website down for a day is not an effective way for OpenDNS to show our firm opposition to the bills. Since folks on Twitter and elsewhere are asking, we will be showing our support tomorrow, but we will not be taking OpenDNS offline.

What is an effective way for us to show our opposition is to censor search results on our Guide. One component of our service, OpenDNS Guide, helps give users a more thoughtful next step when navigating the Internet than the dead end of a 404 error. So when users of our free services attempt to visit a website that’s having technical issues, we show them search results that are based on what they entered in their search bar.

For one business day starting at 8 AM Eastern time tomorrow, we will randomly redact the text of search results appearing in OpenDNS Guide pageviews. This is not a decision we take lightly and we’re fully aware it can, and will, create a frustrating experience both for our users, and for owners of websites being censored. But with 30 million+ users we have the equivalent of a megaphone on the Internet. We feel it’s our responsibility to demonstrate the near-random methodology SOPA and PIPA propose to determine those websites contributing to piracy, and also what the Internet would look like if their fate was to be blocked.

It seems the efforts of the Internet community are making progress in the fight against these ill-informed bills. The White House issued a response, and now Lamar Smith has followed Patrick Leahy’s example, backpeddling and vowing to remove the DNS-blocking component of SOPA. Keep it up, friends.

“Through this process, [I] have continued to hear concerns about the Domain Name provision from engineers, human rights groups, and others. I remain confident that the ISPs — including the cable industry, which is the largest association of ISPs — would not support the legislation if its enactment created the problems that opponents of this provision suggest. Nonetheless, this is in fact a highly technical issue, and I am prepared to recommend we give it more study before implementing it.”

It would seem the most knowledgeable people in the world about the Domain Name System and how the proposed technology would impact the Internet — whom are vocal in their opposition to the bills — are finally getting through to Leahy and other legislators. This list of folks includes us, the world’s largest DNS provider. OpenDNS stands firmly against SOPA and PIPA. I’ve spent time in Washington D.C. in an effort to educate decision makers about the detriments that lie ahead should the bills pass. I’ve authored and signed letters. I’ve blogged and spoken out. And our efforts are working.

It’s critically important that Leahy follows through on his commitment, and that everyone in the technical community continues to use their expertise to educate non-technical government officials associated with the bills. Because while Leahy appears to be acknowledging that his bill is imperfect, SOPA co-sponsor Rep. Lamar Smith is standing his ground. “It is amazing to me that the opponents apparently don’t want to protect American consumers and businesses,” he told Reuters. Sadly, his rhetoric couldn’t be further from the truth. Hopefully someone on his staff will show him this blog post to point out the ridiculousness of his bill.

So, a small victory, but for now the battle against both bills rages on.

If you want to get involved, AmericanCensorship.org is an excellent resource.

Gadgets proved especially popular in my family this past holiday season, as I’m sure it did for many others. My brother got an Xbox 360, while my mom loved her new Kindle Fire. Meanwhile, friends of mine around the office unwrapped their new iPads, Android tablets, and smartphones.

Some folks may be looking to add some parental controls to these devices: you might be looking to block adult content on your iPad if you got one for your family this season. I’m happy to report that, no matter what new Internet-connected device you added to your network this season, OpenDNS can protect it. Best of all, there’s no additional software to install, and it’s completely free. If you can use the device to surf the web, we can protect it while it’s connected to your home’s wi-fi network.

Of course, you’ll get the other benefits of OpenDNS’s Free Parental Controls too, regardless of whether or not you choose to enable Web filtering: phishing protection, and an overall safer, faster, smarter and more reliable connection. While I don’t need to set up any parental controls on my mom’s new tablet, I’m sure she’ll appreciate the added phishing protection.

To add parental controls to your iPad, iPhone, Wii, Kindle Fire, Android tablet, or other device on your home network, you just need to set up OpenDNS on your home router. If you already have, you should be seeing the benefits automatically, without any additional configuration. One small caveat, though: if you’re looking to add OpenDNS’s Free Parental Controls to your Amazon Kindle Fire, you’ll need to disable the accelerated Web browsing for it to work (but don’t worry — OpenDNS speeds up websites, too!).