TechByter Worldwide

29 May 2020 - Podcast #695 - (24:42)


Don't Trust Your ISP's Domain Name Service

"Is (unnamed internet service provider) really slow today or is it just me?" That's a question that popped up in a neighborhood group on Facebook recently. The conversation led to a discussion of domain name service (DNS) settings because some people saw slow service while others didn't.

The three-letter internet service provider being discussed provides what may be the worst DNS in Ohio, if not on the planet, and it's an essential piece of what makes the internet work. DNS is largely invisible, though. Internet service providers such as Wide Open West, Spectrum, Comcast, AT&T, and others provide their own DNS servers and those are the ones that you're using unless you've done something to change them.

The obvious questions are: Why make a change if the ISP provides the service? and Why is the domain name service so important?

Let's start with why it's important. The internet has no idea what "techbyter.com" is. The operation is a lot like ancient telephone systems that depended on an operator saying "Number please" when the user picked up the telephone or used the crank on the side of the phone. And, yes, this predates even me.

After the caller gave the operator the name or number of the person they wanted to speak to, the operator plugged a cable into a socket on the console and rang the phone belonging to the person being called. When the person answered, the operator dropped off the line (maybe) so that the conversation would be private (except for anyone that might be listening in if you had a party line).

That's similar to what happens when you type "techbyter.com" into the address line of a browser and press enter. The browser sends a signal that's intercepted by the domain name service. The DNS has a gigantic look-up table that lists the internet protocol (IP) address of every known domain, so it searches through the table and finds that the IP address for "techbyter.com" is "67.222.41.89".

The DNS then forwards your browser's request to the internet backbone that has its own routing tables that explain (in computer-speak) how to get to 67.222.41.89. What happens then is anybody's guess. Actually, it's a bit more predictable than that, but the connection might go from suburban Columbus to Cleveland, Chicago, Denver, Los Angeles, and Orem, Utah. But it might also connect from Columbus through Washington, Dallas, Denver, and San Francisco to Orem, Utah. The route varies because the applications that run the internet try to identify the best route at any given time. So this is what the operator did in the old phone system.

But does the operator then step out of the way? Maybe, but probably not. The ISP can see everything sent from or received by your computer unless you have an encrypted connection that uses virtual private network (VPN) software. That's a story for another time. We're supposed to be talking about the domain name service now, so maybe it's time to get back to the main topic.

If the DNS your internet service provider uses is inefficient or slow, the connections take longer. That's why it's important for the domain name service to be fast and reliable.

So why not use the ISP's DNS? The most obvious reason is that third-party domain name servers are generally better. One silly example: Type "gogle.com" into the browser's address bar. Some companies register common misspellings of their domain names, but Google hasn't registered "gogle". The ISP's DNS might tell the browser that it can't locate an IP address for that domain and the browser will display a "server not found" message. I can't demonstrate that with "gogle" because of a clever trick my third-party DNS uses, so I tried "sfsdwesf.com" and that domain definitely does not exist.

Third-party DNS servers often know about common misspellings, so if I type "gogle.com" into the address line, I'll still get to the Google main page. Third-party DNS servers also sometimes know about sites that are used for phishing or that serve malware. Some browsers have stepped in to help with that function, but it doesn't hurt to have a DNS that watches your back.

Two of the best known third-party domain name system providers are OpenDNS and Google.
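An added example (not from the original article) for the two points above, resolver speed and what a resolver says about a domain that doesn't exist: it builds a DNS query by hand, sends it straight to a chosen server, and returns the response code, addresses and elapsed time. The server addresses 8.8.8.8 (Google) and 208.67.222.222 (OpenDNS) are the providers' published addresses rather than values from this page, and `sample_reply` builds constructed replies so the parser can be exercised offline.

```python
import secrets, socket, struct, time

def build_query(name, txid):
    """Encode a recursive A-record query for `name` (RFC 1035 wire format)."""
    qname = b"".join(bytes([len(l)]) + l.encode("ascii")
                     for l in name.rstrip(".").split("."))
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD flag, 1 question
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # type A, class IN

def _skip_name(data, pos):
    """Step over a (possibly compressed) domain name; return the next offset."""
    while data[pos] and data[pos] & 0xC0 != 0xC0:
        pos += 1 + data[pos]
    return pos + (2 if data[pos] else 1)   # 2-byte pointer or 1-byte terminator

def parse_response(data, txid):
    """Return (rcode, [IPv4 addresses]); rcode 0 = answered, 3 = NXDOMAIN."""
    rid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a reply to our query")
    pos = 12
    for _ in range(qd):
        pos = _skip_name(data, pos) + 4          # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        pos = _skip_name(data, pos)
        rtype, _, _, rdlen = struct.unpack("!HHIH", data[pos:pos + 10])
        pos += 10
        if rtype == 1 and rdlen == 4:            # A record
            addrs.append(socket.inet_ntoa(data[pos:pos + 4]))
        pos += rdlen
    return flags & 0x000F, addrs

def lookup(resolver, name, timeout=2.0):
    """Ask one resolver over UDP; return (rcode, addresses, milliseconds)."""
    txid = secrets.randbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        start = time.perf_counter()
        s.sendto(build_query(name, txid), (resolver, 53))
        data, _ = s.recvfrom(512)
    return (*parse_response(data, txid), (time.perf_counter() - start) * 1000)

def sample_reply(name, txid, addr=None):
    """Constructed reply for offline use: one A record, or NXDOMAIN if addr is None."""
    question = build_query(name, txid)[12:]
    if addr is None:
        return struct.pack("!HHHHHH", txid, 0x8183, 1, 0, 0, 0) + question
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + socket.inet_aton(addr)
    return struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0) + question + rr

if __name__ == "__main__":   # live comparison; needs network access
    for ip in ("8.8.8.8", "208.67.222.222"):
        print(ip, lookup(ip, "techbyter.com"), lookup(ip, "sfsdwesf.com"))
```

A response code of 3 (NXDOMAIN) for "sfsdwesf.com" means the server reports that the name doesn't exist; a code of 0 with an address means the server supplied an answer of its own.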

If you have just a single computer, changing the DNS settings will depend on the operating system the computer uses and that complicates the process. Fortunately, How-To Geek has an outstanding summary that explains how to change the DNS settings for Windows and MacOS computers, Android and iOS phones and tablets, and even Chromebook systems.

Because most people have multiple computing devices at home and they're all connected to a router that connects to (or is part of) the internet service provider's modem, we'll take a look at how to make the router change. I'll demonstrate this with a Netgear Nighthawk X10 R9000 router, but every router will have similar settings.

Start by opening the router's control panel and, before going any further, look for any messages about firmware updates. If one exists for your router, download it and install it because virtually all updates for router firmware address security issues.

Updating the firmware will require a router restart, so make sure anyone who's connected to the internet via the router knows you'll break their connection. In other words, you'd be wise to wait — if somebody is working from home — until the end of the workday.

Also, if you never changed the router's administrative password, do that while you're here. Most manufacturers create an administrator account that's almost always called "admin" with a password of "admin" or "password". Leaving these in place is dangerous. You probably can't change the user name, but you can change the password. Do that.

Now that the housekeeping measures are out of the way, look for an item called "internet", "wan", "modem", or "external" on the router's interface — something that clearly implies the outbound signal. Click that and then locate the section that refers to the DNS address. "Get automatically from ISP" will probably be selected and this is what you want to change.

Click the option to specify your own DNS servers and then fill in the IP addresses for one of the third-party providers. The user interface probably has spaces for three DNS entries. You need only two.

My preference is Google's DNS but either choice is fine. Just be sure that you get the numbers exactly right. Some routers require that you click a button to update the setting; others save settings automatically.

If you want to try other DNS providers, here's a list:

These are all free for non-commercial (home) use. If you run a business with dozens or hundreds of computers, you'll need to sign up for a commercial plan.

The router interface will probably have three slots for DNS IP addresses. I generally fill in only two, the primary and secondary for a provider. The router will query the primary server first and move on to the second if it encounters a problem. Adding a third DNS entry would give the router a third option if there's a problem with both the primary and the secondary.

I've never felt the need, but some people recommend using three different services. (For example: Google for the primary, OpenDNS for the secondary, and Verisign for the tertiary.)

Making the change is easy and it might improve your browsing experience. The domain name server is also used by any other program or application on the computer that needs to connect to another device on the internet.

Short Circuits

Keeping The Bad Guys Away From Your Mac

In the far distant past, Macs had the reputation of being more secure than Windows machines. To some extent, this was true and Mac users still face fewer threats than Windows users. It's still a good idea to give security some attention.

You don't hear much about Macs on TechByter Worldwide because I use a MacBook Pro far less than my various Windows computers, Android phone, and iPad. It's a fine little machine that can use the dual monitors, keyboard, and mouse that are normally connected to the primary Windows machine, but Windows is the operating system I'm most used to. I do try to make sure the Mac is as secure as I can make it, though.

The MacOS still has a far smaller market share than Windows, and that makes it less attractive to crooks; but MacOS machines are popular in the offices of corporate managers, and that makes them a lot more attractive to crooks that want to break into corporate systems.

MacOS machines have security options that are similar to those found on Windows machines, and some that are options for those who understand Linux that lives beneath the attractive MacOS user interface. There are some basics that everyone who uses an Apple computer should use to keep the machine safe, but there are more similarities than differences between measures for Macs and measures for Windows.

Use a Secure Password: I'm always shocked when I find a computer user who believes passwords aren't necessary. The MacOS allows you to log in automatically. This is a bad idea. If the computer is stolen, anyone can log in as you. So just plan to enter the password every time you start the computer.

The password should be something that's strong and memorable. "123456" is neither. Anything you think is cute, such as "letMEin", isn't either. Think of something that you'll be able to remember but that nobody can guess, such as "W@LiAyS1966Paul". Here's the clue: We All Live In A Yellow Submarine was released in 1966 and was written by Paul McCartney. My primary Windows password, which I also use on the Mac, is based on the names of several cats I've lived with, one component of an address where I've lived, and the partial name of a town. Over the years, I've been owned by more than a dozen cats, have lived at several addresses, and have memorable associations with many towns. Even my wife would never guess that password.

So you have a user name and a strong password. Great! Does anyone else use your computer? If so, that person should have an account and a separate password. This is just good practice.

Consider Installing a Protective Application: Even though Macs are targeted less frequently than Windows machines, it's a good idea to run an antivirus program. Many of the organizations that publish antivirus applications offer free versions that omit some of the more advanced features.

For most people, the free versions are adequate and might even be preferable to ones you pay for. That's because the paid versions usually layer on functions that slow the computer's operation and can get in the way. AVG, Avast, BitDefender, McAfee, Kaspersky, Norton, and TotalAV all have free versions.

Be Careful when Installing Applications: Before downloading and installing any application, make sure that you're downloading it from an honest and reliable source. It's not uncommon for third-party download sites to package applications with add-ons you don't want, so always download from the developer's site or from a trusted resource such as Older Geeks. Some people suggest downloading apps only from Apple's Mac App Store because Apple reviews every application that's offered, but many people find that too limiting.

Think About Turning FileVault On: When activated, FileVault automatically encrypts the data so that crooks can't access the information if they steal the computer. FileVault requires the user account to have a password.

If you keep little or no proprietary data on the computer, this might be overkill; but think about what's on the computer. Do you have banking information with account numbers on the disk drive? If you're in business, do you have a list of clients or business plans on the disk?

When you set up FileVault, it will take a while to perform the initial encryption. After that, it's automatic and fast. You may notice some slight delay in opening files, but the decryption process is so fast that you probably won't.

Install a Virtual Private Network Application: A VPN is essential if you travel with a portable Mac and use it on networks you don't control — and particularly if you connect via public Wi-Fi networks.

Even for use from home, a VPN will keep your internet service provider from snooping. Without a VPN, the ISP can see searches and may use that information. Some ISPs sell user information and a VPN eliminates that risk. Internet connections will be a bit slower, but you may consider the trade-off to be worth it.

There's no shortage of crooks out there, so protecting your computer — no matter whether it runs MacOS, Windows, or Linux — is a good idea.

Listening to Radio from Everywhere

When I was a kid, back when televisions were beginning to be installed in homes, a Farnsworth radio found its way to my bedroom. It was a floor model, about 3 feet wide, 3 feet tall, and a little more than 1 foot deep. It was my introduction to worldwide radio.

There was the usual AM band, but there were two shortwave bands, one that covered the spectrum from just above broadcast frequencies to about 5 MegaHertz and another from 5 to 18 MegaHertz. What I found on the shortwave bands was interesting: Radio Moscow, amateur radio operators, shortwave stations from South America, and lots more. The radio also introduced me to a hobby called DXing — listening for distant radio stations on the broadcast band, sending reception reports, and requesting a confirmation (QSL card).

The radio no longer works, but I still have it because it looks cool and reminds me of the excitement I had as a kid listening to broadcasts from half a world away. There is a point to all this rambling, so please bear with me for a moment.

Listening to distant AM radio stations was fascinating because every station was unique in those days, a reflection of the city it broadcast from. The powerful 50,000-Watt stations in the east and midwest were easy because AM signals bounce around a lot at night. FM signals don't do that, but that radio didn't have an FM band.

Fifty years later, distance listening is less interesting because just a few companies own nearly all of the stations and so many of the stations depend on network programming. Even if that old radio still worked, it wouldn't pick up much that I couldn't hear at home.

But that doesn't mean listening to distant stations is a dead hobby. It's just changed with the times. Because there's so much repetition, it's hard to find something that's different from what you can hear locally unless you know the trick. The trick involves turning off the radio and turning on the computer.

Modern AM radios are all but useless anyway, though. I bought a new clock radio last year and use it to have the local NPR station wake me at 6. When I tried to tune some of the local AM stations, all I heard was noise. There are three 5000-Watt AM stations in my area and one of those has its transmitter less than three miles from where I live. The radio wouldn't even play it without a huge amount of noise, so the radio is on for an hour each morning, and that's it.

Most large and medium radio markets have at least one or two unique stations, but they're usually FM stations or low-power AM stations with limited coverage. But many of these unique radio stations stream their audio on the internet. That means I can listen to jazz from KKJZ* in Los Angeles as easily as I can listen to classical music on WQXR in New York City. Stations in Canada, Mexico, South America, Europe, and Asia are also available.
* KKJZ styles itself as "KJazz" on many services even though US-based standard radio stations can't have more than 4 letters in their call signs.

The key is to find stations that avoid network talk shows and find the ones that specialize in local programming. Wouldn't it be nice if there was a way to find radio stations anywhere on the planet? Such a service exists: The Radio Garden.

The interface is just a representation of the globe, so members of the Flat Earth Society should probably avoid the site. Each location with one or more radio stations has a green dot, so you can spin the globe and point at a city to see which radio stations are located there and which stations are popular there, even if they're located elsewhere.

Possibly because some international borders are contested, the globe has no geopolitical markings — no borders or place names. This means you need to know where the city you're interested in is located. It took me two tries to find Lagos, Nigeria, and six to get Moscow (at least the other 5 were all in Russia).

It's easier to use the search option, though. Type the name of a city, a county, or a station. When you find one that you're fond of, click the heart icon to make it a favorite. Not every station is a broadcast station. Radio Garden includes some internet stations and a few oddities such as the South Bay Police, Fire, and Sheriff frequency and an airport scanner in Los Angeles.

So if you're bored by the same old stuff on the radio stations you can hear with a radio, give Radio Garden a try.