Web Sites, Domains, and the DNS

 Computing  No Responses »
Jul 282013
 

Having recently assisted with getting my sister’s business web site online (the domain and DNS side of things), it occurred to me that many people assume that it is all the same thing. Which is most definitely not the case, and believing so leaves you open to being ripped off. It is not unknown for hosting companies to “make it easy” for you to perform the whole job of registering a domain, making the relevant DNS changes, and setting up your web site. Often by hiding as much of the detail as possible.

That would be fine if that were all they did, but it isn’t. Sometimes they go out of their way to imply that if you want to change hosting companies, then you have to get a new domain, and it can take quite a bit of digging to find out how to transfer the domain elsewhere. Now it is easy to think that this doesn’t matter too much, but the longer you use a domain, the more you want to stick with it. Especially if you have a blog site that is not entirely unpopular … an older domain with lots of content has value. And the more successful you are, the more likely you are to want to change hosting companies.

Other hosting companies may offer better value on web sites with lots of visitors, or perhaps you are blogging in a controversial and need some sort of added protection against hackers, or you just “grow out” of a simple web site editing tool and want to get down and dirty with the HTML.

So it may well be worth your time finding out a little bit about this stuff in advance, and registering a domain separately to the web hosting. Or get a friendly geek to do so.

The Web Site

At their very simplest, web servers are nothing more than simple file servers. A web browser asks for an object (“give me http://zonky.org/index.html”), and the web server responds with the object (“It’s an HTML object, and here it is.”). Even on the most sophisticated web sites, the overwhelming majority of objects that make up the web page that you see, are simple files. And when you graduate to advanced features such as server-side languages (PHP, Java, etc.), the conversation between the web browser is still relatively simple one consisting mostly of simple requests for objects.

The key part of asking a web server for an object is that you need some sort of identifier for that object. This is known as the URL … Uniform Resource Locator, which could be called a “web address” (although URL is also used for non-web things). The key part (as far as we’re concerned here) is the host part of the URL. This performs two functions :-

  1. If it is not already a network address (IP address), then the web browser uses the DNS to get a network address. This is used to determine what web server to talk to.
  2. It is also included in the request to the web server. This allows the web server to distinguish between different “virtual servers”.

When it is not a network address, the host part of the URL is also known as the domain. Which brings us to the next topic.

The Domain

Domains and the DNS are very tightly associated, but in theory you could register a domain without having a DNS service. In practice it is rarely done … and almost always when you are running your own DNS service, in which case you will probably not be reading this!

But domains are distinct from the DNS service. The process of registering a domain consists of picking a name, and a top-level domain in which to add that name. It is most common to use .com for an international business (or one that wants to become one), a local business domain (such as .co.uk) for a more local business, .org for a generic organisation, etc. You can be creative with your choice of top-level domain, where the top-level domain becomes part of the entire name – such as http://bit.ly/, but that makes the registration process trickier.

Some top-level domains restrict who can register domains – the .ac.uk domain for example is really just for Academic organisations, and JANET is quite restrictive about who can register a domain with them.

When you register a domain, some of the information that you provide (such as name, address, phone number, etc.) is made public by default! Whilst you can often hide this, you may want to consider whether that is wise … domains with hidden registration information are often used by those for nefarious purposes. That is a domain with public information has a higher reputation than those without.

The Domain Name System (DNS)

The DNS is a service that allows you lookup names. It is usually used to turn named (such as zonky.org) into network addresses (81.2.106.111 or 2001:8b0:ca2c:dead::d00d), but there are also other kinds of records. A hosting provider often hides all this extra detail from you, but not always. It’s easy to overlook that with one domain, it is perfectly possible to have as many names as you have the imagination for – for example, my own domain (zonky.org) has a web site that is very rarely visited, there is also a different web site at www.zonky.org, and a separate blog at really.zonky.org (plus a few others). This can be handy if you want different web sites for different purposes – a normal web site for a business, an additional web site for a blog (to publicise the business), a forum site for customer support, etc.

Each of which could be hosted with a different hosting company!

Most of these “other” DNS record types are not of interest if all you are interested in are web sites, but one – the CNAME – may be useful. It allows you to give an “alias” to another name – i.e. make www.zonky.org point to zonky.org. If you have a web site with multiple names – for example a web site that responds at your domain name (zonky.org), and your domain name with “www” added to the front (www.zonky.org) – then it may be better to use a CNAME for the “www” to point to your domain. This is simply so that you only have to enter the network address of your web site in one location, and only update it once.

However “aliases” can only exist as aliases … there can be no other additional records associated with that name. Your domain name (zonky.org) has at least one other DNS record associated with it, so you cannot use an alias here.

Cameron’s Confused Plans for a “Cleaner Internet”

 Computing, Politics, Security  No Responses »
Jul 232013
 

Sign me up for the perv’s list … I won’t trust a politician to come up with a sensible method of censorship, and neither should you.

Ignoring the civil liberties thing: That politicians with a censorship weapon will tend to over use it, to the eventual detriment of legitimate debate.

How is Cameron’s censorship thing supposed to work? It appears nobody has a clear idea. Probably not even Cameron himself.

It seems to be two separate measures :-

  1. Completely block “extreme” porn: child abuse images, and “rape porn”. Oddly enough, he also claimed that “50 Shades of Grey” would not be banned although there are those who categorise it as rape porn. Interestingly this is nothing new as child abuse images have been blocked for years ineffectively.
  2. An “optional” mechanism for blocking some other mysterious category of porn – the “family filter” mechanism.

Now it all sounds quite reasonable, but firstly let’s take a look at the first measure. Blocking child abuse images sounds like a great idea … and indeed it is something that is already done by the Internet Watch Foundation. Whilst their work is undoubtedly valuable – at the very least it prevents accidental exposure to child abuse images – it probably doesn’t stop anyone who is serious about obtaining access to such porn. There are just too many ways around even a country-wide block.

Onto the second measure.

This means that anyone with an Internet connection has to decide when signing up whether they want to be “family friendly” or if they want to be added to the government’s list of perverts … or possibly the ISP’s list of perverts. Of course, how quickly do you think that list will be extracted and leaked? I’m sure the gutter press is salivating at the thought of getting hold of those lists to see what famous people opt to get all the porn; the same gutter press that won’t be blocked despite publishing pictures that some might say meet the criteria for being classified as porn (see Page 3).

And who decides what gets onto the “naughty list” of stuff that you have to sign up as a perv to see? What is the betting that there will be lots of mistakes?

As we already block access by default to “adult sites” on mobile networks, I have already encountered this problem. Not as you might imagine, but whilst away on a course I used an “app” to locate hostelries around my location. On clicking on the link to take me to a local pub’s web site to see a few more details, I was blocked. The interesting thing here is that the app had no problems telling me where the pub was, but the pub’s web site was blocked. Two standards for some reason?

And there are plenty of other examples of misclassification such as Facebook’s long running problem with blocking access to breast feeding information, hospitals having to remove censorship products so that surgeons could get to breast cancer information sites, etc. I happen to work in a field where sales critters are desperate to sell censorship products, and I’m aware that many places that do install such products have the endless fun of re-classifying sites.

And finally, given this is all for the sake of the children, who thinks that children will come up with ways to get around the “family filter” anyway? It is almost impossible to completely censor Internet access without extreme measures such as pulling the entire country off the Internet – even China with it’s Great Firewall is unable to completely censor Internet activity. Solutions such as proxies, VPN access, and Tor all make censorship impossible to make totally effective. If you are thinking that this is all too technical for children, you are sorely mistaken … for a start it does not take many children able to figure this stuff out as they will distribute their knowledge.

This not to say that a censorship mechanism that you control is not a sensible idea. You can select what to censor – prevent the children getting access to information about the Flying Spaghetti Monster, but block access to other religious sites, etc. And such a product has to be network-wide, to prevent someone plugging in an uncensored device; such as using the OpenDNS FamilyShield (although I have never used it, I believe it to be a good product from independent reports). Of course even DNS blocking can be worked around, but it’s a reasonable effort.

Don’t Write Off British Manufacturing and Engineering …

 General  No Responses »
Jul 212013
 

It sometimes seems fashionable to put down British manufacturing and engineering such as when the well known idiot Jeremy Clarkson announced: “We don’t manufacture anything any more”.

Whilst it is true that Britain no longer makes more goods than the rest of the world combined, if you take the trouble to look you will find a surprisingly big industry. The trouble is that we all too often look backwards and compare today with the 19th century. Time to stop doing that, and actually look at today’s industry.

To quote the Wikipedia article (which has some other quite dated figures): “manufacturing output has increased in 35 of the 50 years between 1958 and 2007” and “output in 2007 was at record levels, approximately double that in 1958”. And: “In 2008, the UK was the sixth-largest manufacturer in the world measured by value of output.”

We may not make as much stuff as we used to, but what we do make is a lot more valuable.

A few points that illustrate just how well Britain is doing :-

  1. Of 11 constructors within Formula-1, 8 are based in the UK. Including teams such as Mercedes which you would quite reasonably assume were based in another country.
  2. Despite a series of governments that believe that spending money on space is a waste of time, the UK space industry is still worth £9 billion a year.
  3. BAE Systems is the third largest defence company in the world.
  4. GlaxoSmithKline is the fourth largest pharmaceutical company in the world.
  5. Of the 100 companies in the FTSE-100, around 33 can be regarded as manufacturing companies of one kind or another.
  6. A lesser known company (ARM) designs what is probably the most successful family of computer processors ever – ARM-based processors are found in 95% of all smartphones.

 

Should We Allow Ian Brady To Commit Suicide?

 General  No Responses »
Jun 292013
 

To ordinary people, the odious Ian Brady is as mad as a hatter. Nobody who commits the kind of crimes he is responsible for can be “all there”. Whether he is mentally ill, or legally insane is only relevant as far as deciding whether he should be kept in prison or in a secure hospital.

According to the reports on his mental health hearing, he wanted to be declared sane so he could return to prison where he would not face enforced feeding. He claims to be on hunger strike as he no longer wishes to live. For whatever reason, secure mental hospitals will force someone refusing to eat whereas prisons will not.

In terms of deciding whether he was well enough to be returned to prison, it is probable that the right decision was made. Whilst we should not blindly trust mental health care professionals, when they say he is too ill to be returned to prison, we need a very good reason to disagree.

However if Ian Brady had asked a different question; to be allowed to starve himself to death without being force fed, we would have a very different question to answer.

Normally there are very good reasons to force feed someone who is mentally ill and attempting to starve themselves. Some mental illnesses result in depression so severe that suicide seems like the only way out. But after appropriate treatment, the patient can be quite different.

Is Ian Brady suffering from this sort of mental illness? Apparently he is diagnosed as a paranoid schizophrenic, so the answer without additional information is perhaps. If he is not subject to episodes of clinical depression then there may be grounds for stopping the force feeding.

Now of course there is another question to answer here: Should we allow him to commit suicide before he has owned up to his crimes and detailed where the last undiscovered body of known victims is buried?

If we decide that Ian Brady should not be allowed to starve himself to death, it seems reasonable that we let him know the reason why and how he can work towards changing our minds.

 Older Entries  Newer Entries