Episode: 3323
Title: HPR3323: The alternate Internet you never knew existed
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr3323/hpr3323.mp3
Transcribed: 2025-10-24 20:48:51

---

This is Hacker Public Radio Episode 3323, for Wednesday the 28th of April 2021.
Today's show is entitled, The Alternate Internet, You Never New Existed.
It is hosted by Clot 2 and is about 29 minutes long and carries a clean flag.
The summary is, I changed my DNS server and you won't believe what happened next.
This episode of HPR is brought to you by an honesthost.com.
Get 15% discount on all shared hosting with the offer code HPR15.
That's HPR15.
Better web hosting that's honest and fair at An Honesthost.com.
Hey everybody, this is Clot 2, you're listening to Hacker Public Radio.
In this episode, I want to talk about an alternate internet.
You may not know exists or you might, but I'm going to go into the assumption that you don't
and that's what we're going to talk about in this episode.
So, funny thing about the internet is that, oh by the way, before I start
proper, I should mention, yes, there are a lot of directions this could go.
And I hope that this will be somewhat unique and take you by surprise.
So, anyway, the funny thing about the internet is that it only works because everyone
believes in it and that's, I mean, that's not strictly true.
It only works the way that it works because everyone has agreed that when you go
on to the internet, you're going to speak a certain technical language.
In other words, or rather, your computer is going to communicate along certain technical lines.
So, in other words, when you go on to the internet, you're going to roam around
port 80, probably, mostly. And that's just that's the assumption.
When you go on to the internet, you're going to look around this sort of name space as it were,
this subdomain called www, which is that first part in a URL, at least traditionally.
I mean, it's so common that we frequently drop it.
And that's why in the 90s movies that you watch, or the 90s TV shows, or if you go back and watch
probably 90s commercials, and probably even early 2000s, or maybe only early 2000s, I don't know.
Old stuff, you'll listen to it, and they'll say things like www.example.com.
And you think, why are they saying www all the time?
And they got so tedious that people would say things like dub, dub, dub, because they didn't want to
have to say www too many syllables, dub, dub, dub.
So, it was a really, really common thing for a long time.
And now we just take it for granted. We just say, we just say example.com,
knowing that everyone is going to go to www.example.com, because no one would try to go to,
I don't know, www.example.com, or something weird like that. That would be silly.
Everyone knows that internet sites exist on www.
So, anyway, another thing people, everyone sort of has agreed on, is this assumption that
there are, well, historically, there were like, I don't know, three, what we call top-level domain.
That's those, the letters at the end of the URL. The last, uh,
stanza of a URL, the .com, oh, the .org, the .gov, I guess there's .net for a while too.
I don't know when that came out. But anyway, there, there were certain top-level domains that
you could have. Now, these days, I think it's, it's relatively widespread knowledge that that is a,
like, there was, there's that nothing actually magical about .com.net.org.gov.
Oh, .edu. How could I forget, forget .edu? So anyway, there's nothing magical about those
things. It, it, it only, it, it, it, it's just, they were there. That's what was being offered.
And, and we'll get into what it means for something to be offered like that. That was a, what was
on offer. And so people used it. They, they, they, they had a menu placed in front of them,
and they chose when they were registering their, their domain, either .com, .gov, .edu, whatever.
And, and this worked because everyone knew when they typed in a URL into their, into their browser
that it had to end in a .com or .edu or .gov or . whatever. And, and so everything sort of the,
things were able to meet as it were online. Because if you went to your URL bar and just typed
in whatever you want, example .clat2, then that wasn't going to get you anywhere. But as many hackers
are want to ask, why is that? How did that get established? Where did that come from? Well, I am,
by no means a historian of things internet. I'm sure there are many listeners on here who could
tell a very, very accurate story of how all of this actually came about. For me, I got in pretty
late. I do know, however, a little bit about DNS and ICANN. So the ICANN is the name of an
organization. It wasn't a statement of what I was prepared to do. Um, so DNS as, as you may or
may not know, is this system to marry together IP addresses and human-friendly names. It's a simple
way for computers to be able to talk in numbers, such as 93.184.216.34 or something like that,
and humans to be able to speak with words, such as example.com. That's DNS. It translates one
from the other. But in order for DNS to work, there needs to be a master list of what number
has been assigned to what name. And in order for that to work, there needs to be some sense of
ownership or priority to a name. So you wouldn't want clatu claiming example.com was his when
IANA has already claimed it. That would be problematic. And so there came about a not-for-profit
public benefit corporation with participants from all over the world. I'm reading this straight
from their website, dedicated to keeping the internet secure, stable, and interoperable. It
promotes competition and develops policy on the internet's unique identifiers through its
coordination, the internet's naming system. It has an important impact on the expansion and
evolution of the internet. So in other words, there's an organization out there called ICAN,
ICAN, that's internet corporation for assigned names and numbers. That keeps track of all the names
and the numbers that they're supposed to forward people or computers onto when a name is requested,
a domain name is requested of the internet. You type a name into your browser,
somewhere a computer translates that into a number. You don't know it, it's happened. Okay,
so that's the structure as it exists. There's ICAN, they take names, they take money, and they
assure, because everyone's agreeing that ICAN is the one who manages domain names, they ensure
that those domain names are reserved for the people who have paid for them. And this works quite
well. It's worked for a long time. You don't have to be anyone special as you may or may not know,
you can buy a domain name yourself. You can go to anhonesthost.com, A-N-H-O-N-E-S-T-H-O-S-T.com
slash domains. Remember that is getting translated into a special number behind your back,
but you'll get there, you'll get to the server, and you can search for a domain name that you want,
such as yourgreatdomain.net or example.com. That's not available, but you could search for it.
When you find one that is available, you can reserve it, and an honest host does some kind of
registration process with ICANN, and make sure that your name and contact information gets
entered into the big internet book, and from now on, you have ultimate say over what happens
with that domain, what server that gets pointed to. And if you own the server, then you have ultimate
say over what displays in people's web browsers when they go there. Now imagine a world where
you decided that ICANN wasn't the ultimate authority on that name number conversion process.
Imagine a world where someone was keeping an alternate list of different names, special names
that aren't reserved by anyone, but also aren't available for reservation for anyone,
and a different list and their own list of numbers that would then correspond with those names.
If that were to exist, then you could, when you go into a web browser,
you could tell your web browser or your computer to skip over the rest of the world's domain name
system, and instead consult this alternate secret list, and you could go anywhere. Well,
anywhere that was populated. So you could get your own domain name presumably on this alternate
list, and then you would have a website that really is out there. It's in the world. It's
available for anyone to see, except people wouldn't be able to sort of stumble on it unless they
were using this alternate list. So I want to be clear here. This is not a form of encryption.
This is not a form of, well, maybe it's a vague form of obfuscation, but that's not why it's
interesting, I don't think, and then that's why that that would be a weird way to look at this.
This is simply, arguably, a more democratic method of doing DNS, because there would be no money
changing hands. It would be driven by volunteer volunteers and volunteer organizations. It would
be something that was outside of sort of the purview of really an established infrastructure.
Well, I say infrastructure. What I mean is an established structure, I guess, because this is
an important, this is another important point about this, and that is that the internet really,
for a moment, we could think of it as two different things. There's the software side,
but then there's also the hardware side, and this theoretical alternate list of domain names and
numbers would, it's all software. So it's out there. It's easy to get its open source. It would
be super simple to implement and to use, but the hardware, obviously, is it obvious? The hardware
is, it still has to exist. In order to, you know, the internet is a huge networking exercise.
It has been a global experiment in running a lot of cable, and it has gone really, really well,
amazingly. I guess, I mean, I guess it depends on your area, and you might argue that, say,
fiber didn't reach your neighborhood quite as quickly as it should have, or maybe reliable internet
hasn't reached you at all yet. So maybe it hasn't gone well for you, but I think if you zoom out and
look at the whole world, it's been pretty effective. I reckon, and it's continuing. But that infrastructure,
that literal infrastructure belongs to somebody, you know, the wires belong to a company who
paid for the wires, and then hired people to dig tunnel, or dig ditches, and put the wires down,
or to put them on to telephone poles, or however they're being run. So that stuff is still,
would still be a necessity, until we reach the point of a global mesh network. We'll still need the,
well, even then we'll need hardware, but it won't be, we wouldn't need cables presumably. We could
just sort of, it would be a mesh network of, like, magic Wi-Fi or something. So, or maybe not Wi-Fi,
maybe it would have to be something else. But point being, the hardware is going to be there,
and it's going to be your requirement, no matter what, in this, for right now. So, I'm speaking
exclusively of an alternate, quote, alternate, internet, unquote, on the software side. And it
turns out that such a thing does exist. It's called opennic.org. That is, O-P-E-N-N-I-C.org,
such as open network interface controller. That's what, that would stand for. Presumably opennic.org.
You can go there, and you'll see that they announce, or they, they present themselves as an open
and democratic alternative DNS route. What this means is that you can tell your computer,
or you could do it at your router. We'll get into that in a moment. You can tell your computer
to check opennic DNS servers when seeking to translate a name that you give it in the internet
browser, or in a terminal, whatever you're using. Check that alternate list for name resolution,
find a number for that name, and send you there instead. So, for instance, you could go to b.libre,
b-e.libre, and there would be a site there. It wouldn't just come up, can't find that site.
There would actually be something there. You could go to example.gofer, and there might be a site
there. I don't actually know. I didn't check, but you could do that. These things, there would be
sites at extension, or at top level domains that, that on paper, they don't exist. So, how would you
go about doing this? Well, it's honestly super simple. That's why I had to pad this episode out
with a bunch of history and stuff, because it's, it's, if you've, certainly if you've ever changed
your DNS server ever before, then you're halfway there. Now, if you haven't done that, don't worry,
I'm going to kind of address how that would be done. There are a couple of different options,
but it is pretty simple. And, and again, it's not magic. It's simply telling your computer,
hey, instead of checking, I don't know, eight dot eight dot eight dot eight for all of the names
and numbers, first go by this server and check it for names and numbers. And if, if a name and number
exists there, that's where I want you to take me. And this can be a little bit tricky with modern
software with modern browsers, trying to be sort of more helpful than maybe they ought to be,
but open nick has, has answers for all of these problems. So, let's talk about how to do this.
So, the, the first way, I guess, I guess I'll go local, local, close to far. So, the, the most
local localized way to do to implement this would be to change your DNS server on your computer.
And there's a wiki on open nick dot org, go to the wiki, you can find instructions on there how
to set your DNS on Mac and Windows. There is surprisingly, honestly, no entry for Linux yet.
I've requested access to the wiki. So, we'll see if I can add that soon. But on, on Linux,
there are a couple of different ways to do it. Certainly the, maybe the, the, the traditional way,
I guess, would have been, what would be to look in slash at c slash resolve dot cons. That's slash
ETC slash resolve, no e on the resolve, r e s o l v dot cons. And there ought to be some
name servers listed there. And it's probably a name server given to you by your internet provider
or something, or, or maybe, well, it could be from your internet provider, it could be from a
router that you're, you're interfacing through your gateway router, essentially. To be a couple
of different things, you can change it theoretically. You could just change it yourself to one of the
open nick DNS servers. So, for, for a name server, rather than having, I don't know, again, 8.8.8.8.8, let's say,
which is a real one. That's like Google's name server. It's a really easy one to remember for
pinging tests. Name server, you, you could enter something different, such as 112.109.8.4.76. I didn't make
that number up. You have to go to open nick.org, scroll down, no, actually look down at the bottom
of the page. And it will tell you your closest servers. And it lists them right there for you,
exactly, exactly the, the closest server that you could use. And, you know, geographic location
is important. So, if you can find the, the closest one to you, you'll get a better response in
theory. So, that, that is something that's worth doing. So, you plug one of those numbers into your
slash Etsy slash result.com. And then you can do things like, I don't know, ping bbe.libre. And I
actually get pings back. And b.libre is just a, it's a site that I just randomly, like, that is
linked from a couple of the top level domains, like, well, dotlibre, for instance, and dot geek.OSS.
Actually, a lot of these linked to Libre V dot Libre, not dot oz, though. That one goes to open
nick dot oz. So, anyway, once you change your, your name server, then your computer is looking at
that name server. And so, it, no, it can, it'll understand it will be able to map correctly a wacky
top level domain, like, dotlibre, or dot oz, or dot null, or dot pirate. Those are all valid things
because you're looking at that name server. Now, if you were to try to ping one of those servers
before entering your name server, then it, you get an unresolvable, it'll say not recognized
or something like that. Unknown host. So, and you don't, and it's important to mention here,
you do not mean, you don't lose access to the, the other internet, like, you know, the one
that everyone else is using. You can still ping, for instance, example dot com. That resolves.
You can ping all the usual websites. It's just, you also happen to get all of these other
websites that people may not really be aware of. Who knows what you'll find on there? Maybe you'll
find the dark web. That'd be exciting, or the deep web even. That's even worse, I think. Anyway,
so that's, that's the easy way to do it. I guess it's the traditional way I should say. There's,
there's a more correct way to do it now. And that would be to go through network manager,
assuming you're running network manager. And you probably are most distributions these days,
at least ship with network manager. And if, if you don't, if you're not using it, then you'll,
then you'll know that you're not using it. And you'll, you'll know how to enter DNS probably.
In network manager, you, and, and network manager is not always called network manager. I guess,
I mean, it is, but sometimes the system settings just call it connections. For instance, in KDE 5,
that's what it calls connections. That's what it says. But it comes up when I type in like network.
It, it knows generally the keywords. So you find the place where you configure your internet
connections, whether it's your Wi-Fi or your ethernet or whatever. And somewhere in there,
whether you're using KDE or GNOME or something else, somewhere in there, there's going to be a
place for you to enter a DNS server. This is oftentimes either blank because it's getting it
from your router or it is populated with something by your, from your router. Generally speaking,
you can override this. And also generally speaking, if you do that, basically what you're doing is
you're entering a, a number into a configuration. And when network manager starts up, it checks
that configuration file, sees that there is a DNS server that you want to use. And so it places
that number in that same slash Etsy slash resolve.conf file for you. So in other words, it's, it's just kind
of a, a more official or a less personal way to add a number to slash Etsy slash resolve.conf.
You're going through network manager so that it can do the thing that you were going to do anyway.
But that's, that's the way that network manager likes to work. And so that's how you can do it. So
I went to my wired connection. That's, I'm on ethernet right now with a wired connection. And in
IPv4, that's the tab of my wired connection. There's other DNS servers. I enter my DNS server there.
I click Apply and it's configured. I think not 100% sure. I think I had to kick myself offline.
And then bring my connection back up for that to kick in. That's, that's my, my recollection. I
think I had trouble initially switching over. But that's, that's pretty easy to do. Okay. So that's,
that's two methods. The, the second method is the like the quote correct way to do it. The first
method is just kind of the common traditional way of doing it on Linux. It's two methods to get your
computer, your Linux computer to look at the open nick dot org DNS, the open nick DNS system.
There's a different way, which I can't really go over in quite the same amount of detail because
everyone is going to be a little bit different on this one. But you can also configure this on your
router. So if you have access to your router, I mean, if you're living in a place where you,
you don't own your router, you don't have the password, you're not allowed to mess with that,
whatever, then this won't work for you. Obviously, and that's why you would want to configure this
on your computer. But if you, if you own the router at the place where you live or work or whatever,
you have access to it, you're able to, you have free reign over that thing or you've maybe,
you've, you've managed to acquire free reign over a router at a place, maybe at a cafe or something
or, or anywhere really, you've acquired access to the router. You feel confident that you can
change the numbers on that router. Then you can just change your, the globe is not the global,
but the master DNS entry of your access point. So that's in, you know, all the routers out there have
different sort of interfaces. So it's kind of difficult, usually, to describe how to get there
exactly. But certainly on the router that I just purchased, it's in the internet. Well, it's in
the advanced tab and then you go to the internet and then that's the drop-down menu and then there's
a, an entry that says DNS or domains or something like that. I don't know, something that was obvious.
Actually, I'm lying. I just, I just, the router I just bought, actually, the, the entry is in the
internet section and I don't have, I do not have an easy way to change that because the connection to
my ISP requires a very specific settings like it's very, very strict on because I'm not using the
ISP's router. So I had to get it at router that was, that, that would, that would work with this ISP.
And so yeah, there are some settings in there that I am very hesitant to try to change and to override.
So ultimately, I did not configure it on the router, but that's where you would do it. There's
an entry usually on DNS, under DNS, you know, in the internet section or the DNS domain section or
whatever it is on your router and you can put in usually a couple of different name servers. And like I
say, you'll likely want to place the open-nick DNS at the top of the list. You want that to be your
priority domain name server. You may even want to use exclusively open-nick DNS. It's up to you.
Once you do that on your router, you can save your settings, let it flash its firmware or whatever,
whatever process it needs to do. And you should be good to go on any computer on that network. So
that's kind of nice using that method gives you access to the open-nick system on everything. Nothing
needs to be aware that it's using open-nick DNS because the router is just handing it a number.
It's getting put into resolve.con for the equivalent file on whatever OS the device is using
and everything just kind of works magically. Well, I say magically, but actually there's a slight
problem. So in the terminal, everything just works magically. It's great. You can browse around,
in a terminal, you can ping things, you can W get things, you can curl things. Everything just
works. It's great. In a graphical browser, whether you're talking about Firefox, Chromium or
Chromium, those are the only three I tested. This sometimes has a little bit of a speed bump,
let's call it. And that is that the browser attempts to correct what it sees as, well, nonsense
domain names, really. It doesn't understand what you're trying to tell it to do. So for instance,
if I open up, well, actually, I can't emulate it right now on Firefox because I fixed it. I did
the thing, but I can emulate it on, for instance, Chromium. And so if I go to opennic.oz, which is
a opennic space, oh, that works because I've been there before on Chromium. All right, what if I go
to grep.geek? Yeah, there's a failure. Okay, so Chromium in this case, but like I say, it happens
on Chrom, usually happens on Firefox. The browser itself intercepts your query or your navigation
and asks, or it takes you to a search page, whatever your search engine is, opens that up and
suggests sites. And none of these are grep.geek because according, you know, this search engine doesn't
know about opennic. It doesn't understand opennic top level domains. So it can't help you with that.
Now, fortunately, at the top of the browser, there's this little message that says, did you mean to go
to HTTP colon slash slash grep.geek? Question mark, and if you click on that link, then it takes you
to grep.geek. I'm going to do one experiment real quick, HTTP colon. Okay, so if I, if I, today,
if I enter HTTP colon slash slash grep.geek myself, then it seems to take me there without questioning
my choice, but without the HTTP, it fails to work. I thought I'd tried that some time ago before
trying this other method that I'm about to say, and it didn't work. So I wouldn't necessarily count
on that. And either way, it's not necessarily the most convenient thing in the world.
But if you go to open to always type HTTP colon slash slash, you feel like you're, you know, in those
90s commercials or whatever, in the 90s movies, what you can do, though, is you can go to opennic.org.
Here it is. Opennic.org and go to, I think, find out more. That's the big, well, currently at the
time of this recording, that's the big button, big blue button on the, on the front of their page,
right next to discover sites, which we'll get to in a moment, find out more. And along the,
in this text, there are some browser add-ons. And these browser add-ons, they distribute them for
both Chrome and Firefox. They, they can intercept your browser's interception of your URLs and
stop the questioning. It, it'll add, it'll add this to your, to your browser. And, or rather,
it will remove that capability of your browser. It'll just take you straight to those, those domains.
Now, even if you don't do a browser add-on, which isn't really necessary, I went without it for
ages, been playing around with it lately. But I, I don't know if I'll keep it installed, to be honest,
because it's really not that big of a deal to just either type in the HTTP colon slash slash,
or suffer through the first time of going to a site, being questioned by your browser about that,
confirming that that's where you want to go, and then ending up there. And then from then on,
your browser won't ask. It kind of like, it caches it, I guess, and, and recognizes it as a valid
address. So, it's not the worst thing in the world. You can do this on mobile as well. OpenNick.org
distributes, or it makes available some, both Android and iOS DNS wizards to help you configure your
mobile device, to be able to use OpenNick DNS, and then you're up and running on all of your
devices. What more could you want? So, yeah, that's the other internet that's out there. It's a
thing that you'll have to discover. There's a whole side of the internet that isn't within the,
I don't know, 50 or 60 or 100 top-level domains that we have now, but they're out there. You just
have to know where to look to get their home address as it were. So, check that out. OpenNick.org.
It's a lot of fun. It's a brave new world. And you can, of course, register a domain there for free.
You just, you just lay a claim on it, and then you have it for a while. You have to re-register
pretty frequently to keep hold of it, but that's just part of the, part of the deal. You just do
that frequently. And then you've got the domain, and you can put websites on that domain. Or you can
point that domain at websites, I should say, and have your own internet site on the other
internet that most people don't really know about. What's the use of that? I don't know. Sometimes
these things you just do because you can. OpenNick.org. Enjoy.
You've been listening to HackerPublicRadio at HackerPublicRadio.org. We are a community podcast
network that releases shows every weekday Monday through Friday. Today's show, like all our shows,
was contributed by an HBR listener like yourself. If you ever thought of recording a podcast,
then click on our contribute link to find out how easy it really is. HackerPublicRadio was found
by the digital dog pound and the infonomicon computer club, and it's part of the binary revolution
at binrev.com. If you have comments on today's show, please email the host directly, leave a comment
on the website or record a follow-up episode yourself. Unless otherwise status, today's show is
released on the create of comments, attribution, share a light, 3.0 license.