MyLAD

takes you back to before the Internet

How It Works | Download LAD | Support | LAD Security | Features & Uses | Resources | Members | User Guide

Down the Rabbit Hole — How "Secure DNS" Keeps Hackers Safe From You

Since the dawn of the Internet, the Internet relied on DNS. DNS is a system for connecting domain names, which are easy for people to remember (e.g., google.com), to IP addresses, which are easy for computers to work with (e.g. 192.168.0.1). This system for translating domain names to IP addresses is called DNS, short for Domain Name System.

And what about the hackers?

It should be no surprise to hear that hackers use domains names just like everyone else. They are convenient, easy to manage and cheap. "Secure DNS" is a boon to malicious actors, as it hides their workings from computer users and network administrators. "Secure DNS" is an equal opportunity encryption for legitimate and malicious DNS requests alike.

From the beginning the Domain Name System was very simple — and it had to be, because it had to be fast. Every time you wanted to go to a website, your computer sent out a single packet of information containing the domain name you wanted to go to and asking for its IP address to the authoritative domain registry. The response was also typically one packet, so for every domain name you visited your computer used up two packets to get you where you wanted to go. Most importantly, over the years a lot of software and appliances were developed for people to discover and keep track of their computer's DNS requests, making it easy to find out where their computers were going. The value of this information is self-evident for anyone interested in privacy and security, as it allowed people to block off the domain names they felt were unnecessary, unwanted, harmful or intruded into their privacy.

Unsatisfied with such a simple, transparent system, in the name of privacy and security, tech companies modified their browsers to make them encrypt your computer's DNS requests and hide the contents of those packets from your prying eyes. They also increased the number of packets, for good measure, and what used to be simple, quick and transparent became complex and opaque, all in the name of your privacy and security. This is some times referred to as "secure DNS," "encrypted DNS" and other similar terms.

So what did they actually do? The tech companies applied TLS, an encryption mechanism, to your browser's DNS requests and redirected those requests to themselves. Instead of your DNS requests going straight to the horses mouth, that is, to the authoritative domain name servers of the DNS system, the tech companies inserted themselves in between and answer your DNS queries themselves, thus becoming the gatekeepers of the Internet and regulating where you are allowed to go, what you are allowed to see and what you are not allowed to see. You just have to trust them, that their results are correct, up to date and error free.

What does LAD do? LAD makes it possible for you to descrypt those DNS packets and restore the status quo. LAD returns to you the ability to not only keep track of where your computer is actually going on the Internet, but also makes it so that the locations where it goes are verified and authenticated, just like it used to be. More importantly, it returns your right and ability to block and control what domain names your browser connects to.

Why is this so important? In abstract terms, you are the best arbiter of your own privacy and security and you shouldn't be forced to farm it out to any tech company, unless you choose to do so. In practical terms, with "Secure DNS" your browser is sending your computer to various websites that peddle ads or other content (even malware or spyware), in the name of "harmless advertising" and "improving the user experience," while in reality it is just plain data harvesting and spying.

This all is easily managed and blocked by decrypting the DNS packets, and LAD accomplishes this elegantly. LAD doesn't actually tell anyone that anything is blocked, but leads the ad trackers and others to believe that their mothership server is just temporarily available at this time, but should come back soon to receive the next bunch of data (but it never comes back, LAD makes sure of that, unless you decide to unblock it).

All of that spying stuff isn't smart enough to figure it out, but in time they most likely will. But, so what? What are they going to do? Make you unblock it? Either way, with LAD it would be your decision – a decision that is currently out of your hands. Without LAD you do not even have a choice to make, because it is all hidden from you, because you are not actually allowed to see who your browser is communicating with in your name, nor where it is clicking around.

It's time to climb out of the rabbit hole.

Download LAD | Learn More About LAD | LAD for Home | LAD for Business | DIY VoIP PBX

What is LateralAccessDevice? It is software that you may install on your own equipment to gain all of the capabilities described above, plus a lot more, with a user interface designed for non-experts to use. We designed our LateralAccessDevice software to bring the feature-rich capabilities of our commercial, enterprise-grade network appliances into the hands of individuals and small-sized and medium-sized organizations with an intuitive, easy-to-use interface and practical suite of features and functions.

LAD: LateralAccessDevice is software that turns a computer chassis into a high-performance, multi-purpose Internet / network tool that combines multi-dimensional firewalling, network monitoring, access control, packet capture, DNS, NAT and a host of other applications into one easy to use, integrated, high-security package. LAD takes you back to before the Internet!