Random thoughts: DNSCrypt is a good computer security tool

I use OpenDNS because it’s free, it speeds up the Internet a bit for me, and it protects against DNS cache poisoning; also, it doesn’t require a computer science degree to understand. You can set it up easily and forget about it.

They just came out with a new product (again, free and easy to use) called DNSCrypt, and I highly recommend it. (Disclosure: I’m not associated in any way with OpenDNS, other than as a user of their free products.)

Flashback and Flame

In April, Mac users found themselves in “a new era in Mac security” when it was announced that the Flashback Trojan had infected more than half a million Macs, which until then had been considered much less vulnerable to hacking than PCs are.

No problem: I’ve got a PC and use a hardware firewall as well as a good Internet security program/antivirus. I’m protected, right?

Not really. The Flame malware has been found to “hijack” Windows Update in order to infect machines in what’s known as a man-in-the-middle attack.

That’s a very nasty trick.

Solutions

These are serious problems, whether you use a Mac or a PC. Fortunately for Mac users, OpenDNS protects against the Flashback Trojan.

In their blurb on DNSCrypt, which is available for both Mac and PC users, OpenDNS doesn’t claim to protect against Flame; however, the new program is designed to protect “the last mile” against man-in-the-middle attacks, and they do say, “DNSCrypt has the potential to be the most impactful advancement in Internet security since SSL, significantly improving every single Internet user’s online security and privacy.”

This was worth checking out in spite of that awful coined word “impactful” and even though my computer has never been infected by Flame, as far as I know. Who knows what else is out there that hasn’t been discovered yet?

How it has worked so far

I downloaded DNSCrypt on my work computer and set it up this week alongside my very complicated transcription platform that is great to use but often very “fussy.”

The transcription program didn’t seem to notice the change. In fact, the only problem I had was getting knocked offline with the “fall back to insecure DNS” option set. There have been no more problems since I switched over the more secure “TCP over port 443” option. In fact, I think the Internet connection is, once again, a little bit faster.

So overall DNSCrypt is working well. I do feel more secure with it on board and wanted to pass the word along. It’s a useful product from a reliable Internet security source, and it’s free and easy to use.



Categories: Random thoughts

Tags: , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: