by xja 3441 days ago
It's strange how the fact that it has an easily rememberable IP address has driven adoption of 8.8.8.8. I have a couple of other DNS servers memorized from before 8.8.8.8 appeared, I'd likely switch to them.

I guess the predictable would happen. Badly configured systems would stop working. Systems with a working secondary DNS would keep working.

A more interesting question is: what could you do if 8.8.8.8 was compromised? That could be interesting.

1 comments

Compromised? Not much to do, but it also wouldn't hurt much. A rogue DNS can mishandle your queries, but in this age of HTTPS and SSH and whatnot, you should see right away that you're not connecting to legitimate endpoints: certificates aren't going to match.
The country Turkey compromised the Google DNS IPs once. It's also a way to block certain websites (no matter if HTTPS or not): http://arstechnica.com/information-technology/2014/03/turkey...
Nope. Just rerouted packets going for 8.8.8.8 somewhere else; that's a MITM, not a compromise (although with an unauthenticated service such as DNS, the difference is academic for the client). Still, the sites are still accessible if you can get the IP address from somewhere else - which can be a different DNS server or even the hosts file.

I do agree that such a block is enough to deter most non-technical users.

That article is also old. I'm guessing Turkey has upgraded and maybe bought some tech from the Great Firewall of China ;)