Listen to the Podcast
5 July 2024 - Podcast #889 - (19:40)
It's Like NPR on the Web
If you find the information TechByter Worldwide provides useful or interesting, please consider a contribution.
If you find the information TechByter Worldwide provides useful or interesting, please consider a contribution.
In previous episodes, I’ve mentioned using a domain name service provider other than what your internet service provider offers. But how do you find the right one. It’s actually quite easy and automated.
You may think of DNS as the world’s largest phone book. It includes the IP address of every domain on the planet so you can find that techbyter.com is really 67.222.41.89 in terms the hardware and software that run the internet can comprehend. It also provides information about how your computer can request and receive information from 67.222.41.89. That’s important because the route your connection takes today may differ from the route used yesterday.
That’s one primary difference between the internet and the old telephone service or POTS (plain old telephone service). In the old days, phone calls were routed through mechanical switches and the connection was maintained until the end of the phone call. Internet connections, whether for text or music or video, depend on packets of data from the website or other service. The packets are received by your computer, possibly not even in the order they were sent, and then reassembled. Any given packet might take a different path from the ones before it or after it.
The DNS may be queried dozens of times for every packet as it makes its way from the sender to your computer. Each of those queries takes a tiny, but still measurable, period. That’s why a faster DNS can make your internet service a bit faster.
Yes, but not by much. You might notice the difference, but probably not. If you really need internet service that’s faster than what you have, you’ll need to upgrade to a faster plan. Even a ten percent increase will be virtually negligible.
There are reasons other than increasing speed to consider changing to a new domain name service provider. When you use a DNS not provided by your internet service provider, the ISP can no longer track your browsing history and sell it to advertisers. Some third-party DNS providers offer additional security features such as malware blocking and encryption. Because third-party DNS providers often have servers located in various locations, reliability and uptime may be better than your ISP’s DNS servers.
My article in April explained how to change the DNS setting on your router and provided a link to information about making the change on individual computers. But which DNS provider or providers should you choose? That’s where automation comes in.
Steve Gibson has been writing specialized software for decades and his DNS Benchmark, which is free, is the best way to find the services that will work best where you’re located.
Download the program and run it. There’s no installation, so it doesn’t tamper with your computer. Just run it from the Downloads directory.
Click any small image for a full-size view. To dismiss the larger image, press ESC or tap outside the image.
The process does take a while. Start by making sure that no big uploads or downloads are currently running on the computer. You can run DNS Benchmark without creating a custom nameserver list, but the results will be better if you take a few minutes to do that first. You’ll need to do this only once and it will take perhaps 30 minutes. When first run, the program should suggest this. If you don’t see it, select the Nameservers tab, click the Add/Remove button, and then click Build Custom Nameserver List.
Although the program contains a default list of well-known public DNS resolvers, each DNS resolver’s performance is affected by its distance from the user. No single list can be perfect for everyone. A fast resolver for a user in Los Angeles could be unacceptably slow for someone in London or Canberra. That’s why you need the custom list.
At this time, the process scans 4849 DNS resolvers around the word to determine whether they are accessible and responsive from your location. For resolvers that respond, the test measures the resolver’s minimum response time, as well as whether it appears to be operating reliably and correctly. When the scan is complete, the IP addresses of the 50 fastest qualifying resolvers are loaded so that they can be examined comprehensively by the test.
This process creates a new file (dnsbench.ini) in the directory where DNSBench.exe is located. You can view it in any text editor if you wish, but you don’t need to. The dnsbench.ini file will be loaded whenever the DNSBenchmark application is run, so you need to run the list creation process only if your location changes substantially.
After building the custom list, run the test. During the test, real-time information is displayed. The visual coding is complex and, if you want to know what it’s showing, visit the Gibson Research website. A green dot in the symbols column shows that the server is running and not doing anything questionable. Orange markers show that the nameserver is responding, but will show an advertising page if you request a domain name with a typo. Red means that the nameserver does not respond. Several bar graphs show other information:
The test will be faster than the list building operation, but it will take perhaps 10 or 15 minutes because so many additional tests are included for the 50 fastest-responding resolvers. When the test is complete, view the tabular data if you wish, but the most important information is in the Conclusions tab. I recommend skipping the other tabs and going directly to Conclusions. Scroll down and pay particular attention to any sections shown in red.
The conclusions take into account the DNS servers you’ve defined, compares your settings with other DNS providers, and makes logical suggestions.
I should note that I ran DNS Benchmark about a year and a half ago, so I expected few or no changes to be recommended.
Download DNSBenchmark from Steve Gibson’s website and find out if making some DNS changes will be beneficial.
This is the full-text list of conclusions and recommendations for my computer.
The results summary, conclusions, and recommendations from your most recent run of this DNS benchmark are provided below. Please carefully consider the implications of making any changes to your system’s current configuration before doing so.
System has multiple redundant nameservers configured.
This system is currently configured to use 2 separate nameservers for DNS name resolution. This is in keeping with recommended best practice (of having at least two different nameservers) so that the temporary failure of any single nameserver will not prevent all DNS name resolution.
All system nameservers are alive & replying to queries.
All of this system’s 2 nameservers are working and replying to queries. This is terrific because if the system’s primary nameserver were to become overloaded or unavailable, even briefly, one or more backup nameservers are standing by ready to supply DNS lookup services.
System nameservers are NOT ordered for best performance!
Windows uses DNS servers in the order they are listed under the network adapter’s properties, or when obtained automatically from an ISP, in the order provided by the ISP. Windows will fall back to using the second, third, and other nameservers only when the first listed nameserver fails to respond. So if the first nameserver happened to be very slow, but working, everything would be slowed down. Consequently, the order of nameserver listing should match their order of decreasing performance . . . but this is not how this system is currently configured:
In this most recent test, a faster nameserver was listed in order after a slower one. The following table shows the order of this system’s usage of its configured nameservers versus their comparative performance ranking:
Usage Order Nameserver IP Speed Rank
----------- --------------- ----------
1 1. 1. 1. 1 2
2 1. 0. 0. 1 1
With at least 95% Certainty. . .
You have received this "red flagged" message because there was enough of a statistically significant difference between the benchmarked nameserver performance for this program to make a highly confident determination that improvement is possible by "re-ordering" this system’s nameservers.
Recommended Actions:
Before you make any changes: Even though there appears to be a statistically significant difference in the measured performance of these nameservers, you should re-run the benchmark - perhaps at different times of the day, and even on different days - to verify that the current configuration consistently produces this "misordering" note (the slower nameserver might just be having a bad day.) If the trouble persists, then changing the nameserver order will definitely improve your system’s Internet performance!
System nameservers are SLOWER than 38 public alternatives!
This benchmark found 38 publicly available DNS nameservers that are reliably faster than the slowest nameserver currently being used by this system. If you were to adjust your system’s configuration to use the faster of these nameservers instead of what it is currently using, your DNS lookup performance, and all use of the Internet, would be improved.
Recommended Actions:
With at least 95% certainty: Based upon a statistical analysis of the spread in timing value samples received during the benchmark, there is at least a 95% certainty that the performance conclusions stated above are correct. But even so, since changing DNS nameservers requires thought and effort, it’s something you want to be sure about. Therefore, since these results represent a single snapshot in time, you may wish to confirm that the faster alternative nameservers are consistently faster than your system’s currently configured nameservers, and that those public alternatives don’t have any negative characteristics such as being colored orange to signify that they redirect mistaken URLs to an advertising-laden search page rather than returning an error (which will be a concern to some users).
You may also wish to check the relative performance at different times of day to make sure that the performance improvement over your system’s current nameservers is reliable throughout the day.
And you may wish to make sure that the alternative nameservers are enough faster than what you are currently using for the improvement to be worth changing away from what you’re currently using. (This test is only saying that it’s 95% sure they are any amount faster.)
This system’s nameservers are 100% reliable.
DNS reliability is extremely important, since lookup requests that are dropped and ignored by nameservers cause significant delays in Internet access while the querying system waits for a reply. The system is then finally forced to reissue the query to the same or to backup nameservers. While your system is patiently waiting for a reply, you are impatiently waiting to get on with your Internet access.
During this benchmark test, all of the system’s nameservers tested returned a reply for every request sent. It doesn’t get any better than that. Very nice.
All of this system nameservers return errors.
This is a GOOD thing! Some DNS providers, such as OpenDNS and even the Earthlink, Roadrunner and Comcast ISPs, redirect incorrectly entered URLs to their own advertising-laden marketing-driven interception page instead of simply returning an error to the web browser. But this system’s nameservers are returning errors when asked to lookup non-existent domain names.
System nameservers are replying to all query types.
During the development of this DNS Benchmark we discovered that the routers used by some pre-release testers were not returning results for the benchmark’s Uncached and/or Dotcom testing queries. Even though these queries are admittedly unusual, they are completely valid. So the only conclusion was that those few routers were inherently defective. The good news here is that your nameservers are replying to these unusual but valid queries.
When you sell an old computer you’ve retired or a disk drive that you’ve replaced with a newer or faster disk drive, it’s a good idea to clear your data from the old device.
Fortunately, that’s easy to do. Some applications such as Bitdefender Total Security and most disk partitioning utilities include a disk wipe function. If you don’t have one of these, there are free open-source utilities such as DiskWipe.
Maybe you’re wondering why you need to do anything at all. Just delete the files and empty the trash. As reasonable as that sounds, it doesn’t really eliminate the data. Deleting a file simply means marking it as deleted, but the bits that make up the data are still there and the files can still be recovered.
If you’re selling a computer, use the Windows Recovery function and then choose Reset with the “remove everything” option, which deletes your personal files, installed programs, apps, and settings. Whoever buys the computer will need to create a new account, install applications, and establish settings as if the computer was brand new.
Click any small image for a full-size view. To dismiss the larger image, press ESC or tap outside the image.
Most of the time, that’s sufficient unless you’re a criminal or a terrorist and you’re selling the computer to a federal three-letter agency such as the FBI, CIA, or NSA. If the computer has more than one drive, either physical or logical, you should also format the other drives (not the boot drive) making sure you have turned off the “quick format” option.
Both Format and Quick Format prepare the disk for use by organizing its file system and removing any existing data. Quick Format is fast because it only removes the existing file system structure and replaces it with a new one. It doesn’t check for errors or perform a thorough scan. Data recovery software can retrieve the old files. Starting with Windows Vista, the full format also writes zeros to the disk drive. That’s why it’s adequate for all but the most security conscious (not to say paranoid) users. While the quick format process will take just a few seconds, a full format will take much longer and the amount of time required will depend on the size of the disk.
When you need to clean a disk drive, you can ensure that any data remaining on the disk has been eliminated by physically damaging the drive. Hammers, drills, and hydraulic presses all work well, but they destroy not only the data but also the drive and its resale value. DiskWipe eliminates the data but leaves the drive in workable condition. A 64GB thumb drive required more than 30 minutes to be prepared using the standard format process.
DiskWipe is a portable application, so you just download it and run it. The main screen lists all connected disk drives and external memory devices. This is a relatively old program, dating back to Vista, so the interface is dated. Possibly for the same reason, DiskWipe throws an “invalid floating point operation” error when the I selected a thumb drive. This didn’t happen when I selected other standard or solid-state drives. The error does not affect the program’s operation; if you see it, just click the OK button.
DiskWipe’s first screen shows information about the disk drive (label, serial number, file system, and such) and there’s also a View Data button. The image shows data that remains on the thumb drive even though I’ve formatted it using the quick format option. Specialized disk utility tools would allow the deleted files from a formatted disk to be recovered.
To wipe a disk, click the Wipe Disk button and choose the file system type. Then choose the erasing pattern. The One Pass option is the same as formatting the drive without using Quick Format. If that’s your choice, you might as well just use Windows to perform the task. Each of the other options make multiple passes and some write complex patterns of data. The more complex, the more time the process will take. A large drive being wiped with the Peter Guttman pattern might take days to complete.
After selecting the pattern to use, follow the process to launch the operation and then go out to lunch, or maybe leave for a long vacation.
Maybe you’re wondering if the time required is worth it. If you’re preparing a computer for a family member, I think not. Just create a new user and format any additional drives, with or without the quick option. For sale to others, use a normal format. And if you’re selling the computer to someone you don’t know or don’t trust, or donating it for reuse, consider one of the wiping options.
Excire Search and Excire Foto help photographers find the images they’re looking for in a digital photography catalog of tens or hundreds of thousands of images. But it also has a secret life as a crime fighter.
The applications depend on artificial intelligence to examine and analyze photos, and all of the analysis happens on the user’s computer. The AI has been developed by Pattern Recognition Company, a business founded in 2005 as a spin-off of the University of Lübeck. Pattern Recognition Company’s expertise is in developing AI products and applications for automated image analysis is based on experience in machine learning, neural networks, and computer vision.
As it turns out, Excire’s underlying technology has now been integrated into X-Ways Forensics, a program used by digital forensics experts around the world to investigate crime, analyze suspicious activity, and support security operations. The X-Ways Forensics software includes an Excire Forensics module that relies on Excire’s computer vision models to inspect images for a wide array of content such as weapons, drugs, animals, food, and structures.
The Excire Forensics module integrated in X-Ways Forensics analyzes photos and recognizes image content so investigators can find photos that are similar to an existing photo. There are options to find faces of specific people in photos of new cases and it works with all common photo image formats.