Changes between Version 23 and Version 24 of doc/DnsResolver/PublicDnsResolvers


Ignore:
Timestamp:
Oct 8, 2012, 11:18:33 AM (7 years ago)
Author:
Bry8Star
Comment:

legal file-sharing & Licenses

Legend:

Unmodified
Added
Removed
Modified
  • doc/DnsResolver/PublicDnsResolvers

    v23 v24  
    44<center>
    55<table border="0" cellpadding="0" cellspacing="0" width="90%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;">
    6 <b>DNS Resolver</b> [wiki:doc/DnsResolver] (the <a href="../DnsResolver">parent</a>, DnsResolver) article of this page, and all other articles & projects under that page/article are <b>non-offical articles</b> & <b>non-official projects</b>. <a href="../DnsResolver#Credits">Author</a>(s) of these articles & projects is/are <b>not</b> affiliated with <b><i>torproject.org</i></b>. The Tor developers are <b>not</b> responsible for these articles/projects. Also see <a href="../DnsResolver#Disclaimer">Disclaimer</a> for more information. <b>DnsResolver</b> related (articles &) project(s) here, are produced independently from the Tor® anonymity software and carries no guarantee no warranty from 'The Tor Project' about quality, suitability or anything else.
     6<b>DNS Resolver</b> [wiki:doc/DnsResolver] (the <a href="../DnsResolver">parent</a>, DnsResolver) article of this page, and all other articles & projects under that page/article are <b>non-official articles</b> & <b>non-official projects</b>. <a href="../DnsResolver#Credits">Author</a>(s) of these articles & projects is/are <b>not</b> affiliated with <b><i>torproject.org</i></b>. The Tor developers are <b>not</b> responsible for these articles/projects. Also see <a href="../DnsResolver#Disclaimer">Disclaimer</a> for more information. <b>DnsResolver</b> related (articles &) project(s) here, are produced independently from the Tor® anonymity software and carries no guarantee no warranty from 'The Tor Project' about quality, suitability or anything else.
    77</td></tr></table></center><br />
    88}}}
     
    7171 I'm quoting a note from bill's blog, from [http://www.inputoutput.io/how-to-subvert-deep-packet-inspection-the-right-way/ here]: "In 1994, Congress passed the Communications Assistance for Law Enforcement Act (CALEA).  This act required all digital telecommunications carriers to enable '''wiretapping''' of their digital switches.  In 2005, CALEA was extended, at the behest of the DOJ, FBI, and DEA, to include the tapping of all ISP traffic.  Prior to this extension, the FBI had relied on court order or voluntary cooperation of individual ISPs, engaging in packet sniffing with programs such as Carnivore.  So the government spying on your net usage is nothing new."[[BR]][[BR]]
    7272 Not all, but some US States did re-voted to ban on some portion(s) of such federal level (illegal & unethical) laws.[[BR]][[BR]]
    73  * Such '''Monitoring & surveillance''' everyone at a mass-level or '''mass-scale''', (instead of properly using a specific court permission for a specific suspect), and usage of contracted-out or sub-contracted entities (instead of using federal government level office(s) & instead of using dedicated full-time government employees who has (University-)degree(s) and are trained in multiple ethics & mutiple experties), etc type of in-appropriate measures & activities, already has and are '''encouraging''' various fundamental (for example, like: '''constitution''') level of mis-using, rules & law bending and twisting, and these type of in-appropriate activities has degraded the entire system & standards, and such activities are now a grave harm on '''civil liberties''' and '''Privacy''' Act protections & '''rights''' of every people & users.  If another country or group doing it (even in smaller scale), then you wouldn't see any less amount or level of double or multi-standard comments & opinions.  In the name of so called "security" stemmed from fear & mis-leaded people, various agencies, departments, etc are spending money on various in-effective surveillance & monitoring related groups, peoples & entities. For more info, also see [http://www.npr.org/blogs/thetwo-way/2012/10/03/162209738/ Data-Sharing Centers], [http://en.wikipedia.org/wiki/Fusion_center Fusion Centers], [http://en.wikipedia.org/wiki/History_of_the_USA_PATRIOT_Act History of Patriot Act], [http://en.wikipedia.org/wiki/First_Amendment_to_the_United_States_Constitution First Ammendment], [http://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution Fourth Ammendment].[[BR]][[BR]]
    74  * '''First Ammendment''' of US Constitution : ''''' " ''''' ''Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.'' ''''' " '''''[[BR]]
     73 * Such '''Monitoring & surveillance''' everyone at a mass-level or '''mass-scale''', (instead of properly using a specific court permission for a specific suspect), and usage of contracted-out or sub-contracted entities (instead of using federal government level office(s) & instead of using dedicated full-time government employees who has (University-)degree(s) and are trained in multiple ethics & multiple expertise), etc type of in-appropriate measures & activities, already has and are '''encouraging''' various fundamental (for example, like: '''constitution''') level of mis-using, rules & law bending and twisting, and these type of in-appropriate activities has degraded the entire system & standards, and such activities are now a grave harm on '''civil liberties''' and '''Privacy''' Act protections & '''rights''' of every people & users.  If another country or group doing it (even in smaller scale), then you wouldn't see any less amount or level of double or multi-standard comments & opinions.  In the name of so called "security" stemmed from fear & mis-leaded people, various agencies, departments, etc are spending money on various in-effective surveillance & monitoring related groups, peoples & entities. For more info, also see [http://www.npr.org/blogs/thetwo-way/2012/10/03/162209738/ Data-Sharing Centers], [http://en.wikipedia.org/wiki/Fusion_center Fusion Centers], [http://en.wikipedia.org/wiki/History_of_the_USA_PATRIOT_Act History of Patriot Act], [http://en.wikipedia.org/wiki/First_Amendment_to_the_United_States_Constitution First Amendment], [http://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution Fourth Amendment].[[BR]][[BR]]
     74 * '''First Amendment''' of US Constitution : ''''' " ''''' ''Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.'' ''''' " '''''[[BR]]
    7575 It is part of [http://en.wikipedia.org/wiki/United_States_Bill_of_Rights Bill of Rights] and it prohibits the making of any law related to [http://en.wikipedia.org/wiki/Establishment_Clause establishment] of a national religion by Congress, also prohibits making of any law related to any preference by the U.S. Government of one religion over another, it prohibits impeding the '''free exercise of religion''' related activities, abridging the '''freedom of speech''', infringing on the '''freedom of the press''', interfering with the '''right to peaceably assemble''' or prohibiting the petitioning for a governmental redress of grievances.[[BR]][[BR]]
    76  * '''Fouth Ammendment''' of US Constitution : ''''' " ''''' ''The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.'' ''''' " '''''[[BR]]
     76 * '''Fouth Amendment''' of US Constitution : ''''' " ''''' ''The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.'' ''''' " '''''[[BR]]
    7777 It is part of Bill of Rights, these rights guards against unreasonable searches and seizures, along with '''pre'''-requiring '''any warrant''' to be '''judicially sanctioned''' first, and which must have to be supported by '''probable cause'''. It is related to Privacy, and to stop violating & abusing the rights of people's privacy.[[BR]][[BR]]
    78  * By encouraging Private entities to not follow or practice some set of US Constitition level of rules & laws & rights & liberties, while operating (& located) inside US, is not right thing to do, and then also provide or help them with another set of rules & laws & resources, is another mistake.  If you do not respect or if you do not follow or if you do not practice or if you do not encourage: rules & laws & rights & liberties of every members inside your own home or inside a non-public establishment, then no one should expect, such person to learn or follow rules & laws or respect rights of others, when they go outside of it, in a public place.  When a child or a kid, (or an employee), of such a parent (or under such an employer), where parent (or employer) is a thief or abuser or violator or lier or killer (or running business of twisting & bending or making guns, bombs, bullets, violent/killing games) etc, and if this child or kid (or employee) is living-with or trained-by such parent (or such employer) (for long time), and when they will go out of home (or office) to for example: to a mall, or grocery store, (or to public servant location, or to a governing location of rules & laws which suppose to serve people), then what this kid (or employee) will do ? most likely, what their parents (or employer) has taught or trained them to do.[[BR]][[BR]]
    79  * And also exist & seen, '''practice''' of using remotely located or locally located various '''private''' or semi-private or semi-public or sub-contracted entities & processing centers, for '''bending & twisting''' laws & rules & rights & liberties, and their applications.  Various government uses various such remotely (or local private) agencies, when rules & laws & rights cannot be broken or twisted so easily by a direct government agency or department, or, when they need to hide (some) criminal activites.
     78 * By encouraging Private entities to not follow or practice some set of US Constitution level of rules & laws & rights & liberties, while operating (& located) inside US, is not right thing to do, and then also provide or help them with another set of rules & laws & resources, is another mistake.  If you do not respect or if you do not follow or if you do not practice or if you do not encourage: rules & laws & rights & liberties of every members inside your own home or inside a non-public establishment, then no one should expect, such person to learn or follow rules & laws or respect rights of others, when they go outside of it, in a public place.  When a child or a kid, (or an employee), of such a parent (or under such an employer), where parent (or employer) is a thief or abuser or violator or lier or killer (or running business of twisting & bending or making guns, bombs, bullets, violent/killing games) etc, and if this child or kid (or employee) is living-with or trained-by such parent (or such employer) (for long time), and when they will go out of home (or office) to for example: to a mall, or grocery store, (or to public servant location, or to a governing location of rules & laws which suppose to serve people), then what this kid (or employee) will do ? most likely, what their parents (or employer) has taught or trained them to do.[[BR]][[BR]]
     79 * And also exist & seen, '''practice''' of using remotely located or locally located various '''private''' or semi-private or semi-public or sub-contracted entities & processing centers, for '''bending & twisting''' laws & rules & rights & liberties, and their applications.  Various government uses various such remotely (or local private) agencies, when rules & laws & rights cannot be broken or twisted so easily by a direct government agency or department, or, when they need to hide (some) criminal activities.
    8080
    8181{{{
     
    8585}}}
    8686== Alternative TLD Providers DNS Servers ==
    87 Except for few "Alternative Root DNS Providers/Operators" (also known as: '''Alternative TLD Providers''', Other TLD Providers, Alternative TLD Service Privider, Alt.Root.DNS.Opr, '''TLD Providers''', TLD Service Providers (TSP), etc) (a short list is [wiki:doc/DnsResolver#TLD_Providers here]) who provides other alternative TLDs/domains, most of the below "'''Public DNS Servers/Resolvers'''" are simply a recursive or caching or combination mode of DNS Resolver, performing DNS resolving on behalf of those Root-Servers, TLD & SLD, and 3LDNS, HSP, 4LDNS level DNS-Servers. But notice that in below, some has "Does not Censor", "Not Censored", "Censorfree" or "Censorship free" etc feature, these censorship-free DNS servers/resolvers can answer on behalf of Root-Servers, TLD, SLD, HSP, 3LDNS, 4LDNS etc level DNS-servers, and they can *ALSO* answer for those domains/sites which "Root-Servers", TLD, SLD, HSP, 3LDNS, 4LDNS etc level DNS-server maintainer(s) (who are also known as: manager(s), registries, registrar(s), operators(s), companies, DNS-Service-Providers, etc) have censored & blocked '''without''' getting a '''global''' consensus discussion and agreement, from all related (legal, ethical, etc) parties, groups, sides, peoples etc involved in such decision making process. Or, they have censored & blocked unjustly because of intimidation (or pressure) from other authorities.
     87Except for few "Alternative Root DNS Providers/Operators" (also known as: '''Alternative TLD Providers''', Other TLD Providers, Alternative TLD Service Privider, Alt.Root.DNS.Opr, '''TLD Providers''', TLD Service Providers (TSP), etc) (a short list is [wiki:doc/DnsResolver#TLD_Providers here]) who provides other alternative TLDs/domains, most of the below "'''Public DNS Servers/Resolvers'''" are simply a recursive or caching or combination mode of DNS Resolver, performing DNS resolving on behalf of those Root-Servers, TLD & SLD, and 3LDNS, HSP, 4LDNS level DNS-Servers. But notice that in below, some has "Does not Censor", "Not Censored", "Censorfree" or "Censorship free", "Censor-free" etc feature, these censorship-free DNS servers/resolvers can answer on behalf of Root-Servers, TLD, SLD, HSP, 3LDNS, 4LDNS etc level DNS-servers, and they can *ALSO* answer for those domains/sites which "Root-Servers", TLD, SLD, HSP, 3LDNS, 4LDNS etc level DNS-server maintainer(s) (who are also known as: manager(s), registries, registrar(s), operators(s), companies, DNS-Service-Providers, etc) have censored & blocked '''without''' getting a '''global''' consensus discussion and agreement, from all related (legal, ethical, etc) parties, groups, sides, peoples etc involved in such decision making process. Or, they have censored & blocked unjustly because of intimidation (or pressure) from other authorities.
    8888{{{
    8989#!html
     
    104104  Use Unicode fonts (for example: DejaVu Sans Mono) to view above diagram properly (if you are having difficulty viewing boxes or shapes, and if not appearing aligned).  In above Box, you can also change the box "Public DNS Servers" with "Other TLD Providers".  If you want to use all other TLDs from all Alternative TLD Providers (aka, Alt. Root DNS Operators), then you will have to use your own [wiki:doc/DnsResolver/PublicDnsResolvers#DnsResolver DNS-Resolver].
    105105
     106
    106107{{{
    107108#!html
     
    115116 * [http://dns.telecomix.org TeleComix] : Info: [http://werebuild.telecomix.org/wiki/DNS (2)]. Does not Censor. [[BR]]
    116117 91.191.136.152 <- No DNSsec yet. Active. [[BR]]
    117  85.229.85.109 <- Probably not active anymore.
     118 (85.229.85.109 <- Probably not active anymore).
    118119
    119120 * [http://www.chaoscomputerclub.de/en/censorship/dns-howto Chaos Computer Club (CCC) Berlin] : censorfree. [[BR]]
     
    144145 82.229.244.191 <- (France) does not filter. [[BR]]
    145146 66.244.95.20 <- (USA) does not filter. [[BR]]
    146  
     147
    147148 * Antartica DNS (Cyberbunker NL) : [[BR]]
    148149 84.22.106.30
     
    157158 198.153.194.40 <- Filtered. [[BR]]
    158159 198.153.192.50 | 198.153.194.50 <- these blocks/filters malicious/phishing sites + po`r`nography. [[BR]]
    159  198.153.192.60 | 198.153.194.60 <- these blocks/filters malicios+phishing sites, po`r`nography & non-family-friendly sites. Non-Family-Friendly objects are "mature content, abortion, alcohol, crime, cult, drugs, gambling, hate, sexual orientation, suicide, tobacco or violence".
     160 198.153.192.60 | 198.153.194.60 <- these blocks/filters malicious+phishing sites, po`r`nography & non-family-friendly sites. Non-Family-Friendly objects are "mature content, abortion, alcohol, crime, cult, drugs, gambling, hate, sexual orientation, suicide, tobacco or violence".
    160161
    161162 * DnsAdvantage / [http://www.neustar.biz/enterprise/dns-services/free-recursive-dns NeuStar] : [[BR]]
     
    175176 * [http://opendns.com OpenDNS] : [http://www.opendns.com/ipv6/ IPv6 DNS]. [[BR]]
    176177 208.67.222.222 | resolver1.opendns.com <- Blocks/Filters only malicious sites. [[BR]]
    177  208.67.220.220 | resolver2.opendns.com <- Blotcks/Filters only malicious sites. [[BR]]
     178 208.67.220.220 | resolver2.opendns.com <- Blocks/Filters only malicious sites. [[BR]]
    178179 208.67.222.123 | 208.67.220.123 <- these blocks po`r`nography, proxy servers, phishing sites and some malware. [[BR]]
    179180 2620:0:ccc::2 | 2620:0:ccd::2
     
    286287</tt></td></tr></table></center><br />
    287288}}}
    288  Your own DNS-Resolver software can be configured to directly connect with Root-Servers, TLD, SLD, 3L-DNS, 4L-DNS, etc level DNS-Servers for resolving DNS queries, like shown in above diagram B, (when you will follow the "Short Note:" section, mentioned under the textbox of configuration file).  DNS-Resolver configuration file(s) which are mentioned in (or under) [wiki:doc/DnsResolver DnsResolver] (parent) page, is(/are) pre-configured to perform like above diagram C, which will use censorship-free DNS-servers for resolving TLDs which are under ICANN/IANA governed Root-Servers, and DNS-Resolver is ALSO pre-configured to resolve TLDs of "Alternative TLD Providers" (these are not under and outside of ICANN/IANA Root-Servers), and DNS-Resolver will connect directly with [wiki:doc/DnsResolver#TLD_Providers them] (Alternative TLD providers) for DNS resolving, (Note: some of these "Alternative TLD Prividers" (aka, Alt.Root.DNS.Opr) operated DNS-Servers are also able to connect with Root-Servers, TLD, SLD, 3L-DNS, 4L-DNS, etc level DNS-Servers. So such type can resolve TLDs from ICANN/IANA, and can also resolve TLDs under that specific TLD-Provider, but not all other type of TLDs from all Other Alternative TLD Providers).  Most of the "Public DNS Servers" are not yet able to resolve all TLDs from "Alternative TLD Providers".  So using your own (properly configured) DNS-Resolver is best.
     289 Your own DNS-Resolver software can be configured to directly connect with Root-Servers, TLD, SLD, 3L-DNS, 4L-DNS, etc level DNS-Servers for resolving DNS queries, like shown in above diagram B, (when you will follow the "Short Note:" section, mentioned under the textbox of configuration file).  DNS-Resolver configuration file(s) which are mentioned in (or under) [wiki:doc/DnsResolver DnsResolver] (parent) page, is(/are) pre-configured to perform like above diagram C, which will use censorship-free DNS-servers for resolving TLDs which are under ICANN/IANA governed Root-Servers, and DNS-Resolver is ALSO pre-configured to resolve TLDs of "Alternative TLD Providers" (these are not under and outside of ICANN/IANA Root-Servers), and DNS-Resolver will connect directly with [wiki:doc/DnsResolver#TLD_Providers them] (Alternative TLD providers) for DNS resolving, (Note: some of these "Alternative TLD Providers" (aka, Alt.Root.DNS.Opr) operated DNS-Servers are also able to connect with Root-Servers, TLD, SLD, 3L-DNS, 4L-DNS, etc level DNS-Servers. So such type can resolve TLDs from ICANN/IANA, and can also resolve TLDs under that specific TLD-Provider, but not all other type of TLDs from all Other Alternative TLD Providers).  Most of the "Public DNS Servers" are not yet able to resolve all TLDs from "Alternative TLD Providers".  So using your own (properly configured) DNS-Resolver is best.
    289290
    290291{{{
     
    319320}}}
    320321 * '''censor free''' = Does not Censor = '''[https://en.wikipedia.org/wiki/Censorship Censorship]''' free = usually means, DNS-server which does NOT block web-sites or web-services related to political opinion, exposure or [https://en.wikipedia.org/wiki/Freedom_of_the_press publishment] of criminal activities of public or corporation figures, or some adversary, or some country government, [https://en.wikipedia.org/wiki/Freedom_of_speech freedom of speech], free speech, freedom of opinion, freedom of expression, etc.[[BR]][[BR]]
    321   * When someone doing something wrong/good, then someone will report/ talk about it, that is everybody's right & normal-way of life,  and then greedy '''people''' & '''group'''(s) exercises their power (and connections) to suppress, erase, manipulate expressions, which reported, expressed or revealed their criminal, illegal, unjust activities.  And, (most) people tend to find and group together with similar type & minded people, and they also start to avoid other type of people. But, some group or type of people start to exhibit, do or show extreme level of avoidance, dis-honoring, dis-respecting, harmful activities unjustly, violent actions toward other side(s), some of these people purpose-fully mis-represents various information for various sake.  Which consequentially creates '''unbalance''', '''in-equality''' & '''double'''-or-multi '''standard''' or treatments.  And, there are also group of people who '''abuse'''s, they obtain (and even take-away) various '''ideas''', '''services''' & '''resources''' from other type of people (or, group), but do not give-back, and/or do not allow, and/or do not return, a fair & just exchange amount for such '''other side'''(s).  Which consequentially results in mass-protest, deeper level of in-equality in between societies, localities, etc, and also starts-up vengeful & re-vengeful exchange of violent activities.  And, there are also group (of people, entity, entities) who are supported, funded, driven, motivated, encouraged by other '''parent''', related groups, these groups of '''multiple-groups''' work together, fabricate, manufacture, instigate, distribute various type of virtual-'''curtains''', virtual-bubbles, false-situations, circumstances, false-spin-media-news, false-promises, '''propaganda''', etc using all type of various channel(s) where they have (some level of) controls, and, these type of multiple-group (which consist of various types of entities, like: collection of companies, corporations, ideological-parties, professional-groups, etc), places their own representative & member on (key positions of) '''public servant''' level (aka, government level) areas & places where many type of transactions, laws, rules, etc are handled, (and created & twisted-around), and such (double or multi-'''agent''') memebers who are suppose to help & protect & '''serve''' common people, but they start to help & serve their '''own interests''', these members '''pretend''' to be what they are not, and '''hide''' their previous jobs info, hides close family-member's asset, (stakes,) & connection information with other entities, etc from public, so that ultimately one or more members (of that multiple-groups) can '''sell''' (something) & make '''profit''' & rip benefit & support for each other.  These consequentially creates massive (entire country wide and even multiple '''country wide''') level of unbalance, only few side(s) become massively resourceful while '''majority''' remain (or left-alone for) living, barely with some minimum, or, almost no-resources for their survival, and these multiple-groups even extends their affect to such level that all ways for living or income are destroyed or massacerd, and these groups of multi-groups often runs hidden (aka, secret) operations to create enemy-ship (aka, un-friendly-ness) in beteween other groups (& countries), so that, their victims fight in-between & exhaust them-selves and so that ultimately all victims (groups & countries) start to buy & depend for further supplies (various type of products & services) from them, total-'''collapse''' of systems, even war & extreme level of civil-unrest breaks out.[[BR]]
     322  * When someone doing something wrong/good, then someone will report/ talk about it, that is everybody's right & normal-way of life,  and then greedy '''people''' & '''group'''(s) exercises their power (and connections) to suppress, erase, manipulate expressions, which reported, expressed or revealed their criminal, illegal, unjust activities.  And, (most) people tend to find and group together with similar type & minded people, and they also start to avoid other type of people. But, some group or type of people start to exhibit, do or show extreme level of avoidance, dis-honoring, dis-respecting, harmful activities unjustly, violent actions toward other side(s), some of these people purpose-fully mis-represents various information for various sake.  Which consequentially creates '''unbalance''', '''in-equality''' & '''double'''-or-multi '''standard''' or treatments.  And, there are also group of people who '''abuse'''s, they obtain (and even take-away) various '''ideas''', '''services''' & '''resources''' from other type of people (or, group), but do not give-back, and/or do not allow, and/or do not return, a fair & just exchange amount for such '''other side'''(s).  Which consequentially results in mass-protest, deeper level of in-equality in between societies, localities, etc, and also starts-up vengeful & re-vengeful exchange of violent activities.  And, there are also group (of people, entity, entities) who are supported, funded, driven, motivated, encouraged by other '''parent''', related groups, these groups of '''multiple-groups''' work together, fabricate, manufacture, instigate, distribute various type of virtual-'''curtains''', virtual-bubbles, false-situations, circumstances, false-spin-media-news, false-promises, '''propaganda''', etc using all type of various channel(s) where they have (some level of) controls, and, these type of multiple-group (which consist of various types of entities, like: collection of companies, corporations, ideological-parties, professional-groups, etc), places their own representative & member on (key positions of) '''public servant''' level (aka, government level) areas & places where many type of transactions, laws, rules, etc are handled, (and created & twisted-around), and such (double or multi-'''agent''') members who are suppose to help & protect & '''serve''' common people, but they start to help & serve their '''own interests''', these members '''pretend''' to be what they are not, and '''hide''' their previous jobs info, hides close family-member's asset, (stakes,) & connection information with other entities, etc from public, so that ultimately one or more members (of that multiple-groups) can '''sell''' (something) & make '''profit''' & rip benefit & support for each other.  These consequentially creates massive (entire country wide and even multiple '''country wide''') level of unbalance, only few side(s) become massively resourceful while '''majority''' remain (or left-alone for) living, barely with some minimum, or, almost no-resources for their survival, and these multiple-groups even extends their affect to such level that all ways for living or income are destroyed or massacred, and these groups of multi-groups often runs hidden (aka, secret) operations to create enemy-ship (aka, unfriendliness) in between other groups (& countries), so that, their victims fight in-between & exhaust them-selves and so that ultimately all victims (groups & countries) start to buy & depend for further supplies (various type of products & services) from them, total-'''collapse''' of systems, even war & extreme level of civil-unrest breaks out.[[BR]]
    322323  ''Goto (top of) [#Acronyms Acronyms] section.''
    323324
     
    369370<a name="Email-Client"></a>
    370371}}}
    371  * '''Email-Client''' = Email exchanging type of user-agent or software also uses DNS-client, it asks for the 'MX' DNS record/data, to get the IP-address of email-server, and then connects with that email-server's IP address. Connecting to which port on email-server, depends on, what type of function & feature your email-client software is pre-configured to do.  To download emails from email-server, an email-client software (like: Thunderbiard, Outlook, Mail, etc) can use POP3 protocol and connect on port 110 of email-server. If email-server supports TLS/SSL encryption, for downloading emails on email-client, then email-client can use POP3S protocol with email-server's IP-addresss on port 995. When users want to perform downloading & viewing & syncing of emails, all of these functions, then they can use IMAP (143) or IMAPS (993). So IMAPS, is better than POP3S, and IMAP is better than POP3. One email-server can send email to another email-server, by using SMTP (25 or 587) or SMTPS (465) on source & destination. User's email-client sofwtare can send email (via his/her email-server to a destination email-server) by first connecting with his/her email-server, on port 25, 587 or 465.[[BR]]
     372 * '''Email-Client''' = Email exchanging type of user-agent or software also uses DNS-client, it asks for the 'MX' DNS record/data, to get the IP-address of email-server, and then connects with that email-server's IP address. Connecting to which port on email-server, depends on, what type of function & feature your email-client software is pre-configured to do.  To download emails from email-server, an email-client software (like: Thunderbird, Outlook, Mail, etc) can use POP3 protocol and connect on port 110 of email-server. If email-server supports TLS/SSL encryption, for downloading emails on email-client, then email-client can use POP3S protocol with email-server's IP-address on port 995. When users want to perform downloading & viewing & syncing of emails, all of these functions, then they can use IMAP (143) or IMAPS (993). So IMAPS, is better than POP3S, and IMAP is better than POP3. One email-server can send email to another email-server, by using SMTP (25 or 587) or SMTPS (465) on source & destination. User's email-client software can send email (via his/her email-server to a destination email-server) by first connecting with his/her email-server, on port 25, 587 or 465.[[BR]]
    372373 ''Goto (top of) [#Acronyms Acronyms] section.''
    373374
     
    384385<a name="Self-Signed"></a><a name="Verify"></a>
    385386}}}
    386   * If your email-server uses a self-signed SSL (or TLS) certificate, then you will need to understand this paragraph: When Email-Clients software cannot resolve a certificate, it happens when a email-server uses a self-signed certificate, then email-client sofwtare (like Mozilla Thunderbird, Microsoft Outlook, etc) shows a warning message (with unnecesary sentences and left out necessary helpful messages), (Major & Public CA entities, supports & backs Email-client software developers and software components, for showing such type of Warning messages to '''scare''' users, so that they prefer and use alternative server or service which does not cause a warning, and such warning(s) also forces & intimidates a self-signed cert based server's operator(s) to load a $PAID$ (or $'''Purchased'''$) (lower-strength) SSL or TLS Certificate(s). Which is '''not right'''. Instead, that Warning message should show helpful messages on how to make sure and use '''self-signed''' certificates properly. Anyway, next step is, properly Torify or Anonymize your email-client software, then, either obtain that email server-certificate (or obtain the root-certificate from email-server service provider's website) over a direct & regular connection, but remember that, connecting directly with a self-signed or any server is not recommended, as it will reveal your IP-address & location, so you must use a generic, common or John-Doe type of user-email-id (as it is just for obtainning or getting the SSL cert), but connecting directly to an email-server that you own or you have control in it, (or, if email-server service provider entity has declared publicly that they do not spy on (that is, they do not log or store) any user's any information and instantly erases such related records, so that no chance of mis-use exist, then connecting to such trustworthy email-server directly) is ok. And then load that Cert on your (Torified or Anonymized) email-client and on your web-browser. It is best (and recommended) to use multiple different tor-circuits via using "'''Tor Network Map'''" in Vidalia, multiple times (at-least 3 or 4 times), and each time first view & inspect the Cert (do not do '''temporary''' accept, do not do permanent accept, at this stage) and write down the cert fingerprint so it helps to match & check on next inspection attempt,  make sure you used each time a different tor-circuit and which had different nodes, and use a generic, common or John-Doe type of user or email-id, (and even use two or more different user names, one when connecting via tor-net, and another different name if you will also attempt connect directly), then you must compare these certificates, and when all are same (same '''fingerprint''', same ip address, and same domain-name, and same detail cert info exist) then you can load or accept the cert "permanently", on your (Torified or Anonymized) email-client and web-browser.[[BR]][[BR]]
     387  * If your email-server uses a self-signed SSL (or TLS) certificate, then you will need to understand this paragraph: When Email-Clients software cannot resolve a certificate, it happens when a email-server uses a self-signed certificate, then email-client software (like Mozilla Thunderbird, Microsoft Outlook, etc) shows a warning message (with unnecessary sentences and left out necessary helpful messages), (Major & Public CA entities, supports & backs Email-client software developers and software components, for showing such type of Warning messages to '''scare''' users, so that they prefer and use alternative server or service which does not cause a warning, and such warning(s) also forces & intimidates a self-signed cert based server's operator(s) to load a $PAID$ (or $'''Purchased'''$) (lower-strength) SSL or TLS Certificate(s). Which is '''not right'''. Instead, that Warning message should show helpful messages on how to make sure and use '''self-signed''' certificates properly. Anyway, next step is, properly Torify or Anonymize your email-client software, then, either obtain that email server-certificate (or obtain the root-certificate from email-server service provider's website) over a direct & regular connection, but remember that, connecting directly with a self-signed or any server is not recommended, as it will reveal your IP-address & location, so you must use a generic, common or John-Doe type of user-email-id (as it is just for obtaining or getting the SSL cert), but connecting directly to an email-server that you own or you have control in it, (or, if email-server service provider entity has declared publicly that they do not spy on (that is, they do not log or store) any user's any information and instantly erases such related records, so that no chance of mis-use exist, then connecting to such trustworthy email-server directly) is ok. And then load that Cert on your (Torified or Anonymized) email-client and on your web-browser. It is best (and recommended) to use multiple different tor-circuits via using "'''Tor Network Map'''" in Vidalia, multiple times (at-least 3 or 4 times), and each time first view & inspect the Cert (do not do '''temporary''' accept, do not do permanent accept, at this stage) and write down the cert fingerprint so it helps to match & check on next inspection attempt,  make sure you used each time a different tor-circuit and which had different nodes, and use a generic, common or John-Doe type of user or email-id, (and even use two or more different user names, one when connecting via tor-net, and another different name if you will also attempt connect directly), then you must compare these certificates, and when all are same (same '''fingerprint''', same ip address, and same domain-name, and same detail cert info exist) then you can load or accept the cert "permanently", on your (Torified or Anonymized) email-client and web-browser.[[BR]][[BR]]
    387388{{{
    388389#!html
     
    390391<a name="Server-cert"></a><a name="DNSSEC-signing"></a>
    391392}}}
    392    * Also '''encourage & request''' online email-server service provider (who uses self-signed cert) to (1) first create a Self-Signed CA-Certificate or Root-Certificate, (use such a computer or hardware which has very high entropy and random number generation capability), and (2) share it ("public" side) with others from a publicly accesible website or webpage, with fingerprint and other detail shown publicly on that webpage (and save "private" side of CA-certificate (ca-cert) or root-certificate (root-cert) in a very very secured place), if you add such ca-cert or root-cert in your client software (for example: irc software, or web-browser, or email-client, etc), then your client-sofwtare can connect to a self-signed server with much more assurity and avoid (up to some level,) connecting with a middle-man(MITM) based server(s), and then they should (3) use the root-cert to create further & other server-certificate(s) (server-cert) to use on other server computers or server software. And then (4) configure server properly with proper '''access-rights''', so that only the cert verifying component has acccess to "private" portion of (root-cert and) server-cert(s), and no-one else has any access. Then they should (5) add public side (or portion) of certificate fingerprints or keys & other keys etc in appropriate DNS-records, and then they should (6) DNSSEC sign the entire domain-name (& related all DNS-records), also set DNSSEC records in (your Domain-name Service Provider's (Domain-SP) server, or on your own name-) server, (7) further modify your name-server or request Domain-SP to modify their (DNS/name) server's local DNS-Resolver or DNS-Server, and enable DNSSEC support in it, and also enable options in email-server to use DNSSEC & related other features (for all communications), it is much harder to impersonate a DNSSEC signed server, when componenets on your side & your accessing network system also supports DNSSEC, (8) then all other users, who will use DNSSEC supported DNS-Resolver & DNSSEC supported email-client software, will receive very accurate information on these (domain-name, dnssec fingerprints & keys, dnssec rrsig, ip-address, certificates, etc), whether an user connects directly, or via multiple-proxies, and if that user properly uses those componenets, then communication will be much more secured & accurate.[[BR]]
     393   * Also '''encourage & request''' online email-server service provider (who uses self-signed cert) to (1) first create a Self-Signed CA-Certificate or Root-Certificate, (use such a computer or hardware which has very high entropy and random number generation capability), and (2) share it ("public" side) with others from a publicly accessible website or webpage, with fingerprint and other detail shown publicly on that webpage (and save "private" side of CA-certificate (ca-cert) or root-certificate (root-cert) in a very very secured place), if you add such ca-cert or root-cert in your client software (for example: irc software, or web-browser, or email-client, etc), then your client-sofwtare can connect to a self-signed server with much more assurity and avoid (up to some level,) connecting with a middle-man(MITM) based server(s), and then they should (3) use the root-cert to create further & other server-certificate(s) (server-cert) to use on other server computers or server software. And then (4) configure server properly with proper '''access-rights''', so that only the cert verifying component has access to "private" portion of (root-cert and) server-cert(s), and no-one else has any access. Then they should (5) add public side (or portion) of certificate fingerprints or keys & other keys etc in appropriate DNS-records, and then they should (6) DNSSEC sign the entire domain-name (& related all DNS-records), also set DNSSEC records in (your Domain-name Service Provider's (Domain-SP) server, or on your own name-) server, (7) further modify your name-server or request Domain-SP to modify their (DNS/name) server's local DNS-Resolver or DNS-Server, and enable DNSSEC support in it, and also enable options in email-server to use DNSSEC & related other features (for all communications), it is much harder to impersonate a DNSSEC signed server, when components on your side & your accessing network system also supports DNSSEC, (8) then all other users, who will use DNSSEC supported DNS-Resolver & DNSSEC supported email-client software, will receive very accurate information on these (domain-name, dnssec fingerprints & keys, dnssec rrsig, IP-address, certificates, etc), whether an user connects directly, or via multiple-proxies, and if that user properly uses those components, then communication will be much more secured & accurate.[[BR]]
    393394   ''Goto (top of) [#Acronyms Acronyms] section.''[[BR]][[BR]]
    394395  * DNSSEC allows you to share your (public-side) various type of certificates, keys, fingerprints, etc with visitors & users very accurately, so use newer DNSSEC standard supported software & mechanism(s) & system(s).[[BR]][[BR]]
     
    400401<a name="file-sharing"></a>
    401402}}}
    402  * '''file-sharing''', bit-torrent: bit-torrent system or mechanism, has evolved from peer to peer (which can also be identified and better understood as: user to user, or, end-user public computer(s) to another end-user public computer(s)) file-sharing mechanism, like: gnutella, etc. It was intended & created for users & community to help each other, by '''sharing''' portion of their Internet conneciton (speed &) bandwidth and their computer's disk area, (and computing power,) etc type of resources, for sharing larger sized files & discs, which are '''legal''' to share, (for example: Linux Installation discs, Public-Domain files, images, videos, Creative-Common (Licensed or based) files, images, videos, and for files which are developed by a community for sharing with community-members, and, for sharing of files, images, videos which falls under these type of licenses: GPL, MPL, zLib, etc for most case).  But, many many ('''greedy''') users have abused this system, and started to share files illegally (for example: '''Newly released''' Music Disc images, Movie Disc images, Newly released closed-source commercial software files & discs, etc).  Many '''needy''' (low-income) users use it for to get such software which are necessary for a very specific task (for their survival or for education or test purpose) when price is set on too high.  Because of greedy & unethical file-sharing, as a consequence, many groups, authorities & entities have also blocked entire (web-)site, illegally. Whereas they suppose to block or filter specifically only the illegal contents, products or portions.  If governement opens up a website to receive public opinions & feedback, then can they monitor the entire or all feedbacks ? (No, not easily).  And if a feedback is revealing or hinting towards some facts, or loophole(s), or a process to bend a law without completely breaking it, then can an authority (or a Judge) shut down that entire government web-site ? is that right thing to do ? No.  If "Google, Inc" is indexing and caching & linking to cached content of even illegal sites, or such sites which have some objectionable items, and may be not be allowed or legal in some US states or areas, then will you take entire google site down ? No.  Musicians & their support & development groups, Movie makers & their support & development groups, software developers & their supporters are '''copying''' (and has copied), they do not creatively re-invent every little steps or portions, they copy various portion from various other base or sources, (as that is what humans (naturally) do, and that is what happens with ideas, open-source software, or happens with developers who work with both commercial or trial software source-codes and also with open-source software).  Are these type people or entity (and their support group) properly paying & compensating each of their sources properly ? (No, they are not & they have not).  So, torrent users do not expect that they will be treated any differently.  No one likes such person or such entity or such system, which will treat certain groups or other side or apply something on certain group or other side, that will not be treated or applied on ALL in equal manner or in equal-standard.  If a person is '''non-corrupted''', and is talking about how to '''block corruptions''', then that is more valuable and has more weight & has some '''credibility''', which will create '''repurcussions''' (chain of affected actions & reactions), and as a consequence, others will start to act & show (& exhibit) '''moral''' & balanced-virtues & really helpful & creative activities, and they will start to '''avoid corruptions''' (& criminal activities).  Do and show it to others, apply exact same law on yourself first, what you would like to apply on others, then you will see, goodness (& what you did) is spreading-out from person to person.  Just an example, if a software programmer has stolen (aka, "copied") certain set of codes & ideas from another set of programmers, and then renamed it, and developed it further, and started to selling it and then also started to saying to others dont "copy" it, i hope you are able to see the problem in it.  No one should expect good behavior from another side, if they themselves cannot behave.
    403   * If price of products, or fee for services, are within '''buying capacity''' of middle-class, or below-middle-class level people, and if they were set with '''fair & just amount''', then (most of) such user or people will not go for piracy, (and, buying capacity does not mean that only one product priced at US$0.99, which seems low-priced, but you will have to add up various products & other living expenses, for such middle-class, or below-middle class level users or people, what they can afford out of what they '''earn''').  A '''globally inter-connected''' & inter-depended employer and employees, and inter-connected & depended people & consumers, etc must have to realize options & alternatives, re-analyze, re-factor, and re-value prices and fees of various products & services, based on various factors, for example like: source & destination's approximate (not exact) location or area (such as, by using IP-address allocation & location-codes of end-user ISP, and traffic origination & destination based detection mechanism, for setting prices & fees), country-code of payment-card (payment processing company can share buyer's only "Country" code portion (or the jurisdiction area's code portion) with a product manufacturer or developer or a service provider, for setting prices & fees), etc.  Really '''helpful''' & '''newer''' developments & research creates new products that results in '''improved components''' and '''lower'''s the '''cost''' on all levels (for example: electrical or battery power usage efficiency increases, heat dissipation properly managed, channeled & lowered, higher bandwidth & amount of data becomes possible inside a narrow channel or frequency-range, better compression & encryption techniques on various level and also on transmitter (TX) & receiver (RX), etc), thus a service fee (and product price) '''must go down''', not increase ! (Only where manufacturing process involves higher cost, then a '''slightly''' higher price of a "product" make sense (for some short amount of time to cover the difference of higher-spending portion), but not for a "service", and definitely not when charged for very long time). When more user are using, then cost must go down, '''price & fee cannot be a fixed amount for everyone for years after years''', it must vary.  Currently most mobile operator's SMS text message fee in most country, are almost 1000 times less than what is charged in US, even in world's most poor or undeveloped countries !  An example related to software product: suppose, you want to use Windows XP Professional inside a Virtual Machine (VM), this Operating System (OS) is almost 10 Yrs old. And lets assume, it's official support is about to be ended within or under 1 yr, then, would it be justified & fair to charge a buyer, US$129 or so for that ? No, definitely not $129.  A corporation or LLC paying '''lesser amount of taxes''' and always finding loopholes to pay even lesser amount, and if a regular individual person even does any slightly similar he/she will either be in jail or '''money directly taken out as tax''' purpose from bank account, plus he/she will also have to pay for that tax collection process as well !  Various companies & corporations firing & closing offices here in USA and employing (it can also be called as: '''outsourcing''') and using "Low Cost" (aka, '''cheap''') labors & services & employees & products located in other low-cost or economically less-developed areas or countries, producing products and services with very '''reduced''' & cheaper & lower cost, but selling products & services here in USA at '''previous rate''' and/or '''higher rate''', are these right ? No.  Do you see most product provider or most service provider entities are doing something that is justified and fair ? mostly, No.[[BR]]
     403 * '''file-sharing''', bit-torrent: bit-torrent system or mechanism, has evolved from peer to peer (which can also be identified and better understood as: user to user, or, end-user public or private computer(s) to another end-user public or private computer(s)) file-sharing mechanism, like: gnutella, etc. It was intended & created for users & community to help each other, by '''sharing''' portion of their Internet connection (speed &) bandwidth and their computer's disk area, (and computing power,) etc type of resources, for sharing larger sized files & discs, which are '''legal'''^[https://en.wikipedia.org/wiki/Permissive_licenses (1)]^ & [https://en.wikipedia.org/wiki/Free_and_open_source_software free]^[https://en.wikipedia.org/wiki/Freely_redistributable_software (2)]^ to share (for example: (most) Linux Installation discs, [https://en.wikipedia.org/wiki/Public_domain Public-Domain] and [https://en.wikipedia.org/wiki/Copyleft Copyleft] type of [https://en.wikipedia.org/wiki/Public_domain_software files](software), [https://en.wikipedia.org/wiki/Public_domain_image_resources images], [https://en.wikipedia.org/wiki/Public_domain_music music], [https://en.wikipedia.org/wiki/Public_domain_film videos] etc, [https://en.wikipedia.org/wiki/GNU_General_Public_License GPL] (Licensed or based) files, images, videos, and files which are developed by an open community for sharing with any community-members, and, sharing of files, images, videos which falls under these type of [https://en.wikipedia.org/wiki/Comparison_of_free_software_licenses Licenses]: [https://en.wikipedia.org/wiki/MIT_license MIT License], [https://en.wikipedia.org/wiki/Zlib_License zLib], [https://en.wikipedia.org/wiki/BSD_license BSD], [https://en.wikipedia.org/wiki/Apache_License Apache], [https://en.wikipedia.org/wiki/Mozilla_Public_License MPL](limited), [https://en.wikipedia.org/wiki/Zope_Public_License ZPL], [https://en.wikipedia.org/wiki/CC0#Public_domain_tools CC0], [https://en.wikipedia.org/wiki/WTFPL WTFPL], [https://en.wikipedia.org/wiki/Beerware Beerware], [https://en.wikipedia.org/wiki/ISC_license ISC], [https://en.wikipedia.org/wiki/Common_Development_and_Distribution_License CDDL], [https://en.wikipedia.org/wiki/OpenSSL OpenSSL], [https://en.wikipedia.org/wiki/Work_of_the_United_States_Government Works of US Gov], [https://en.wikipedia.org/wiki/ShareAlike CC-ShareAlike] etc, and any software which it's author or creator or developer has shared once ''(and sharing)'' via bit-torrent ''(or shared or released or broadcasted publicly once via a server-less or control-less method)'', and most of such items which are based on more than 20 years older [https://en.wikipedia.org/wiki/Term_of_patent patent] works, and any type of any works whose [https://en.wikipedia.org/wiki/Intellectual_property intellectual property] rights have expired: for example, more than 50 years (to 70 yrs, [https://en.wikipedia.org/wiki/List_of_countries%27_copyright_length copyright] varies in country to country) old any Copyrighted items, and there are also usage related to [https://en.wikipedia.org/wiki/Limitations_and_exceptions_to_copyright Limitations of Copyright]).  But, many many ('''greedy''') users have abused this system, and started to share files illegally (for example: '''Newly released''' Music Disc images, Movie Disc images, Newly released closed-source commercial software files & discs, etc).  Many '''needy''' (low-income) users use it for to get such software which are necessary for a very specific task (for their survival or for education or test purpose) when price is set on too high.  Because of greedy & unethical file-sharing, as a consequence, many groups, authorities & entities have also blocked entire (web-)site, '''illegally'''. Whereas they suppose to block or filter specifically only the illegal contents, products or portions.  If government opens up a website to receive public opinions & feedback, (or if a corporation company starts Twitter, Facebook, etc for public to share their opinions), then can they monitor the entire or all feedbacks ? (No, not easily).  And if a feedback or opinion is revealing or hinting towards some facts, or loophole(s), or a process to bend a law without completely breaking it, then can an authority (or a Judge) shut down that entire government (or that Twitter or Facebook) web-site ? is that right thing to do ? No.  If "Google, Inc" is indexing and caching, and also sharing links of cached content of even illegal sites, or such sites which have some objectionable items, and may be not be allowed or legal in some US states or areas, then will you take entire google site down ? No.  Musicians & their support & development groups, Movie makers & their support & development groups, software developers & their supporters are '''copying''' (and has '''copied'''), they do not creatively re-invent every little steps or portions, they copy various portion from various other base or sources, (as that is what humans (naturally) do, and that is what happens with ideas, open-source software, or happens with developers who work with both commercial or trial software source-codes and also with open-source software, and also those who works on commercial software (who obviously develops or improves a previous base or core)).  ''(Everything in universe has come into existence from another object or idea or pattern or stage, and these are affected by interaction of other objects (ideas, patterns, stages) and also affecting actively (or passively) another object, (ideas, patterns, stages) and ALL can trace back to the beginning of it from a single point of space-time-energy)''.  Are these type people or entity (and their support group) properly paying & compensating each of their sources properly ? (No, they are not & they have not, and we can easily find plethora of public news & documents of such entities taking violators into court).  Just another example, if a software programmer has stolen (aka, "copied") certain set of codes & ideas from another set of programmers, and then renamed it, and developed it further, and started to selling it and then also started to saying to others don't "copy" it, i hope you are able to see the problem in it.  So, torrent users do not expect that they will be treated any differently.  No one likes or prefers, such person or such entity or such system, which will treat certain groups or other side or apply or do something on certain group or other side, but, this person/entity/system will not treat or apply it on ALL in Equal manner or with equal-standard or in equally justified-proportion.  If a person is '''non-corrupted''', and is talking about how to '''block corruptions''', then that is more valuable and has more weight & has some '''credibility''', which will create '''repercussions''' (chain of affected actions & reactions), and as a consequence, others will start to act & show (& exhibit) '''moral''' & balanced-virtues & balanced-values & really helpful & creative activities, and they will start to '''avoid corruptions''' & criminal activities.  Do and Show it to others, apply exact same law on yourself first, what you would like to apply on others, then you will see, goodness ''(& what you did)'' is spreading-out from person to person, and goodness ''(& what you did)'' coming back to you.  No one should expect good behavior from another side, if they themselves cannot behave.  We do have some very creative people (among us) who really and uniquely invents & solves, and we do have some people with very good morals & values.
     404  * If price of products, or fee for services, are within '''buying capacity''' of middle-class, or below-middle-class level people, and if they were set with '''fair & just amount''', then (most of) such user or people will not go for piracy, (and, buying capacity does not mean that only one product priced at US$0.99, which seems low-priced, but you will have to add up various products & other living expenses, for such middle-class, or below-middle class level users or people, what they can afford out of what they '''earn''').  A '''globally inter-connected''' & inter-depended employer and employees, and inter-connected & depended people & consumers, etc must have to realize options & alternatives, re-analyze, re-factor, and re-value prices and fees of various products & services, based on various factors, for example like: source & destination's approximate (not exact) location or area (such as, by using IP-address allocation & location-codes of end-user ISP, and traffic origination & destination based detection mechanism, for setting prices & fees), country-code of payment-card (payment processing company can share buyer's only "Country" code portion (or the jurisdiction area's code portion) with a product manufacturer or developer or a service provider, for setting prices & fees), etc.  Really '''helpful''' & '''newer''' developments & research creates new products that results in '''improved components''' and '''lower'''s the '''cost''' on all levels (for example: electrical or battery power usage efficiency increases, heat dissipation properly managed, channeled & lowered, higher bandwidth & amount of data becomes possible inside a narrow channel or frequency-range, better compression & encryption techniques on various level and also on transmitter (TX) & receiver (RX), etc), thus a service fee (and product price) '''must go down''', not increase ! (Only where manufacturing process involves higher cost, then a '''slightly''' higher price of a "product" make sense (for some short amount of time to cover the difference of higher-spending portion), but not for a "service", and definitely not when charged for very long time). When more user are using, then cost must go down, '''price & fee cannot be a fixed amount for everyone for years after years''', it must vary.  Currently most mobile operator's SMS text message fee in most country, are almost 1000 times less than what is charged in US, than even in world's most poor or undeveloped countries !  Voice rate is also unbalanced.  An example related to software product: suppose, you want to use Windows XP Professional inside a Virtual Machine (VM), this Operating System (OS) is almost 10 Yrs old. And lets assume, it's official support is about to be ended within or under 1 yr, then, would it be justified & fair to charge a buyer, US$129 or so for that ? No, definitely not $129.  A corporation or LLC paying '''lesser amount of taxes''' and always finding loopholes to pay even lesser amount, and if a regular individual person even does any slightly similar he/she will either be in jail or '''money directly taken out as tax''' purpose from bank account, plus he/she will also have to pay for that tax collection process as well !  Various companies & corporations firing & closing offices here in USA and employing (it can also be called as: '''outsourcing''') and using "Low Cost" (aka, '''cheap''') labors & services & employees & products located in other low-cost or economically less-developed areas or countries, producing products and services with very '''reduced''' & cheaper & lower cost, but selling products & services here in USA at '''previous rate''' and/or '''higher rate''', are these right ? No.  Do you see most product provider or most service provider entities are doing something that is justified and fair ? mostly, No.[[BR]]
    404405  ''Goto (top of) [#Acronyms Acronyms] section.''
    405406
     
    418419}}}
    419420= Test Public DNS Servers =
    420 '''How to test Public DNS servers ? ''' First use a torified firefox web-browser and find out a list of or few censored website's correct & full domain-name or hostname or nodename (FQDN). Then by using the 'dig' tool (get from ISC.org or use Cygwin, [wiki:doc/DnsResolver/TestDnsResolving#Get_DiG more info]), try to resolve such one of the censored website (that is, try to get website's IP address, or 'A' or 'AAAA' record) using each dns server's @IP.ADRS.NUM (with a leading @ symbol) which you want to test or use, including your ISP provided DNS server(s), via your Internet connection directly, see [wiki:doc/DnsResolver/TestDnsResolving#Test_Via_Specific_Nameserver here]. Soon you will see different server returning different answers !  Install a "Server IP Address" type of addon/plugin (in a torified firefox) which can show IP address of visiting website server, using it find actual IP address of censored site.  If you want to query DNS via or using Tor Exit-node's Internet, then you will have to load or use a (3rd party or) configurable DNS-resolver/server, (and also load or use either a tun/tap interface and/or transparent proxy server type of tool) on your computer, configure them, then 'dig' can be made to query from the Tor exit-node(s), see inside Unbound Tweak section, [wiki:doc/DnsResolver#Connect_With_Nameservers_From_Exit-Node here].[[BR]]
     421'''How to test Public DNS servers ? ''' First use a torified Firefox web-browser and find out a list of or few censored website's correct & full domain-name or hostname or nodename (FQDN). Then by using the 'dig' tool (get from ISC.org or use Cygwin, [wiki:doc/DnsResolver/TestDnsResolving#Get_DiG more info]), try to resolve such one of the censored website (that is, try to get website's IP address, or 'A' or 'AAAA' record) using each dns server's @IP.ADRS.NUM (with a leading @ symbol) which you want to test or use, including your ISP provided DNS server(s), via your Internet connection directly, see [wiki:doc/DnsResolver/TestDnsResolving#Test_Via_Specific_Nameserver here]. Soon you will see different server returning different answers !  Install a "Server IP Address" type of addon/plugin (in a torified Firefox) which can show IP address of visiting website server, using it find actual IP address of censored site.  If you want to query DNS via or using Tor Exit-node's Internet, then you will have to load or use a (3rd party or) configurable DNS-resolver/server, (and also load or use either a tun/tap interface and/or transparent proxy server type of tool) on your computer, configure them, then 'dig' can be made to query from the Tor exit-node(s), see inside Unbound Tweak section, [wiki:doc/DnsResolver#Connect_With_Nameservers_From_Exit-Node here].[[BR]]
    421422'''Warning''': Using DNS Server which connect via Tor proxy system, is not a good idea at all when same computer will be used for both "Anonymity" and "Private" purpose web-surfing. You can use a VM (Virtual Machine) only for "Anonymity" purpose usage, on the same computer. If you are going to use a dedicated VM (Virtual machine) or use a computer, '''only''' for "Anonymity" purpose usage, only then, DNS via Tor system should be used. Torified Applications which does not leak DNS query via direct local Internet connection, and properly connects with DNS-Server(s) via using Tor Exit node(s), using such are fine & ok.
    422423
    423  * [http://sourceforge.net/projects/dns2socks/ DNS2SOCKS]: A very very simple & small purpose local (UDP) DNS-Resolver/Server for windows, which can use up-to four remote/online (TCP DNS supported) DNS/nameserver at a time, via Tor (Socks5) proxy. (DNS2SOCKS.exe, v1.2, 50,176 Bytes, SHA1: 76875E0D181DDE83F5F64A09324D17ED2B6165EA.) Get it, Run it either using a batch (.cmd, .bat) file or use Command Prompt, and change your Network Interface Adapter's preferred first DNS Server into 127.0.0.1 and remove all other DNS Server IP addresses. Now all software will use local (127.0.0.1) DNS resolver, and DNS2SOCKS will connect with destination remote DNS/nameserver from the Exit-Node, and get the DNS query result, and then deliver it to local software which requested for it.  Use such a remote DNS/nameserver (from above list) which respects Privacy and Anonymity. It does not yet support IPv6, DNSSEC, as of my writing (Sept 15, 2012).  Note: When an App resolves a DNS (domainname-to-IP-address conversion) query (via DNS2SOCKS), then Tor circuits & system takes a while to get the answer/result so you may (or will) see timeout or not found, etc messages, simply do a refresh or try again, once the answer or result is inside the database of DNS2SOCKS, from then on for any future query for that same site or domain-name, Dns2socks will answer from it's database instantly superfast.
     424 * [http://sourceforge.net/projects/dns2socks/ DNS2SOCKS]: A very very simple & small purpose local (UDP) DNS-Resolver/Server for windows, which can use up-to four remote/online (TCP DNS supported) DNS/nameserver at a time, via Tor (Socks5) proxy. (DNS2SOCKS.exe, v1.2, 50,176 Bytes, SHA1: 76875E0D181DDE83F5F64A09324D17ED2B6165EA.) Get it, Run it either using a batch (.cmd, .bat) file or use Command Prompt, and change your Network Interface Adapter's preferred first DNS Server into 127.0.0.1 and remove all other DNS Server IP addresses. Now all software will use local (127.0.0.1) DNS resolver, and DNS2SOCKS will connect with destination remote DNS/nameserver from the Exit-Node, and get the DNS query result, and then deliver it to local software which requested for it.  Use such a remote DNS/nameserver (from above list) which respects Privacy and Anonymity. It does not yet support IPv6, DNSSEC, as of my writing (Sept 15, 2012).  Note: When an App resolves a DNS (domainname-to-IP-address conversion) query (via DNS2SOCKS), then Tor circuits & system takes a while to get the answer/result so you may (or will) see timeout or not found, etc messages, simply do a refresh or try again, once the answer or result is inside the database of DNS2SOCKS, from then on for any future query for that same site or domain-name, Dns2socks will answer from it's database instantly super-fast.
    424425
    425426'''Does the Public DNS Server supports DNSSEC ? ''' If a DNS query is done for a (known & DNSSEC signed) domain-name, via [wiki:doc/DnsResolver/TestDnsResolving#Test_Via_Specific_Nameserver using] using a very specific DNS-server, by using '''dig''' command-line with ''' +dnssec''' as an option, then if answer/result has '''ad''' bit inside "flags:", and you also see "'''NO ERROR'''" two words in "status:", then that specific dns server supports DNSSEC.
     
    431432}}}
    432433= Secured & Accurate Email Exchanging =
    433 A very '''secured & accurate email exchanging''' is possible (over open Internet), when such combinations are used: (1) '''DNSSEC''' supported DNS query mechanism is used by your DNSSEC-supported email-client software. (2) your own email-address domain-name is DNSSEC signed. (3) your destination domain-name is also "'''DNSSEC signed'''".  (Then, very correct IP address information can be obtained, along with various other DNS record/data, like, your & destination's "public" side of encryption certificates or keys, etc).  (4) your DNSSEC-supported email-client software has properly '''encrypted''' email(s). (5) your email-client has used '''secured & encrypted connection''' protocol & mechanism in between you & your (DNSSEC-supported) email-server. ('''Important''': Your '''email-client''' & your email-server, both, need to use (and both '''must''' be capable of using) techniques to bypass IP-address spoofers & redirectors, and connect with authentic destination IP-address of email-server specified in DNSSEC answer). (6) your '''email-server''' & your destination's email-server, both side are using DNSSEC-supported email-server(s), also see [#DNSSEC-signing this] section on DNSSEC-signing, and both side's server are using secured & encrypted connection protocol & mechanism, (DNSSEC also allows to share various Certificate & keys with visitors or users very accurately, and your email-client & both email-server have properly utilized those), and both email-servers are using [https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS '''FCrDNS'''] (forward-confirmed reverse DNS, also known as: full-circle reverse DNS, double-reverse DNS, iprev, etc), (Important: Your email-server & your destination email-server both must need to bypass '''IP-address spoofers''' or redirectors, and connect with authentic email-server). (7) you are using "'''portable'''" email-client software, from your own personal portable storage drive, where your personal use purpose software are located inside password protected & encrypted partition or drive and stays physically close to you, (and not on an online based server).  (8) once email user downloads email(s), email-server should be set to erase all trace of it, as the email is for you. And, after you download emails, delete those from Inbox and then empty Trashbox to (apparently) completely erase such emails. (9) you are encrypting emails end-to-end using OpenPGP or Self-Signed X.509 certs, and you have shared such certs with the destination "person" (or destination group only), and no one else.  Please also see above, "[#Certificate SSL Certificate]", "[#Email-Client Email-Client]", etc paragraphs under Note / Legend / Acronyms section, and see below diagram: D.
     434A very '''secured & accurate email exchanging''' is possible (over open Internet), when such combinations are used: (1) '''DNSSEC''' supported DNS query mechanism is used by your DNSSEC-supported email-client software. (2) your own email-address domain-name is DNSSEC signed. (3) your destination domain-name is also "'''DNSSEC signed'''".  (Then, very correct IP address information can be obtained, along with various other DNS record/data, like, your & destination's "public" side of encryption certificates or keys, etc).  (4) your DNSSEC-supported email-client software has properly '''encrypted''' email(s). (5) your email-client has used '''secured & encrypted connection''' protocol & mechanism in between you & your (DNSSEC-supported) email-server. ('''Important''': Your '''email-client''' & your email-server, both, need to use (and both '''must''' be capable of using) techniques to bypass IP-address spoofers & redirectors, and connect with authentic destination IP-address of email-server specified in DNSSEC answer). (6) your '''email-server''' & your destination's email-server, both side are using DNSSEC-supported email-server(s), also see [#DNSSEC-signing this] section on DNSSEC-signing, and both side's server are using secured & encrypted connection protocol & mechanism, (DNSSEC also allows to share various Certificate & keys with visitors or users very accurately, and your email-client & both email-server have properly utilized those), and both email-servers are using [https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS '''FCrDNS'''] (forward-confirmed reverse DNS, also known as: full-circle reverse DNS, double-reverse DNS, iprev, etc), (Important: Your email-server & your destination email-server both must need to bypass '''IP-address spoofers''' or redirectors, and connect with authentic email-server). (7) you are using "'''portable'''" email-client software, from your own personal portable storage drive, where your personal use purpose software are located inside password protected & encrypted partition or drive and stays physically close to you, (and not on an online based server).  (8) once email user downloads email(s), email-server should be set to erase all trace of it, as the email is for you. And, after you download emails, delete those from Inbox and then empty Trash-box to (apparently) completely erase such emails. (9) you are encrypting emails end-to-end using OpenPGP or Self-Signed X.509 certs, and you have shared such certs with the destination "person" (or destination group only), and no one else.  Please also see above, "[#Certificate SSL Certificate]", "[#Email-Client Email-Client]", etc paragraphs under Note / Legend / Acronyms section, and see below diagram: D.
    434435
    435436 * Though not very thoroughly tested, [https://www.i2p2.de I2P] closed-Internet-network system (also known as, I2P-darknet, here "dark" points & indicates to "unknown") based email exchanging is considered to be very secured. Also see, even a newer & better "'''i2pbote'''", which is a distributed & server-less, and p2p based encrypted email exchanging system.[[BR]]
    436  '''Warning''': I2P is based on Java (JRE, JDK) and I2P functions as a P2P server type of software, so '''in Windows''', avoid using your system's default location Java JRE as a server (because you will need to open inbound port toward default location Java JRE binaries, which is not safe).  (Windows by default does not have Sandbox or Jailed Box or chroot/Jail or Virtual Box for any apps. 3rd party applications are required for such functionalities).  Install portable Java JRE in a different folder, and configure I2P to use that 2nd Java JRE binary file as a server, and allow "inbound" connection in (your) firewall, (firewalls have such rule making options), and make sure that it is going only toward that 2nd (portable or copied) Java JRE binary files, (that is, if you use a firewall software and which you '''must''' or should). You can also copy your existing default Java JRE folder, to a 2nd different folder, then you must first configure that 2nd Java JRE to use other files inside the 2nd folder location, and then also configure I2P to use that 2nd Java JRE folder.  Another solution is to run I2P inside a [wiki:doc/VM VM] (guest) and then it can be used from your (host) computer or from inside the VM.
     437 '''Warning''': I2P is based on Java (JRE, JDK) and I2P functions as a P2P server type of software, so '''in Windows''', avoid using your system's default location Java JRE as a server (because you will need to open inbound port toward default location Java JRE binaries, which is not safe).  (Windows by default does not have Sandbox or Jailed Box or chroot/Jail or Virtual Box for any apps. 3rd party applications are required for such functionality).  Install portable Java JRE in a different folder, and configure I2P to use that 2nd Java JRE binary file as a server, and allow "inbound" connection in (your) firewall, (firewalls have such rule making options), and make sure that it is going only toward that 2nd (portable or copied) Java JRE binary files, (that is, if you use a firewall software and which you '''must''' or should). You can also copy your existing default Java JRE folder, to a 2nd different folder, then you must first configure that 2nd Java JRE to use other files inside the 2nd folder location, and then also configure I2P to use that 2nd Java JRE folder.  Another solution is to run I2P inside a [wiki:doc/VM VM] (guest) and then it can be used from your (host) computer or from inside the VM.
    437438
    438439 * You can (also as usual) use [wiki:doc/TorifyHOWTO/GnuPG GnuPG]/GPG, [wiki:doc/TorifyHOWTO/EMail/Thunderbird#Enigmail Enigmail], [wiki:doc/TorifyHOWTO/EMail/Thunderbird Thunderbird], etc for exchanging GPG/PGP (encryption or Other X.509, etc) encryption based (end-to-end) protected emails over regular open Internet for your Personal email.  And you can also use those software, through Tor-proxy network if you have a different email with different username for "Anonymity" usage purpose, then make sure you've in-early Anonymized or Torified these software or components (see [wiki:torbirdy Torbirdy] & load into Thunderbird), so that these are using TLS/SSL based encrypted connections through the tor-proxy network.