by gwu78 3311 days ago
Notable that he calls the "kill-switch" a "mistake". For example, Chrome does the same thing. When it starts it checks for some presumably non-existent domain name.

Yes, but the key difference is that Chrome uses a randomly generated domain name, while the ransomware has it hardcoded.

Yes, this sounds right. It has been a while since I looked at it. Is it just one name? I have a faint recollection it tried more than one.

Anyway, how is the difference significant?

A localhost cache can point at a custom root.zone. The user can make her own authoritative nameserver assignments for any given zone or domain. Zone files can contain wildcards.

Responses can also be rewritten on the fly.

The end user can exercise full control over what is and is not a "valid" domain name. She can prevent her applications from ever receiving an "NXDOMAIN" response.

Maybe I am missing something but this "test" seems brittle; it only tests ICANN DNS.
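
Added example, not part of the thread: a toy in-memory resolver that compares the two checks discussed above, a single hardcoded name versus freshly generated names, against a plain configuration, one extra record, and a wildcard at a custom root. The placeholder domain, the probe count, the label length and the simplified wildcard matching are all assumptions made for illustration.

```python
import secrets
import string

# Constructed placeholder; the real hardcoded name is not given in the thread.
HARDCODED = "killswitch-placeholder.test"

class ToyResolver:
    """In-memory stand-in for a local cache: exact names, then wildcards, else NXDOMAIN."""

    def __init__(self, records):
        self.records = {name.lower(): addr for name, addr in records.items()}

    def resolve(self, name):
        """Return an address string, or None to represent NXDOMAIN."""
        name = name.lower().rstrip(".")
        if name in self.records:
            return self.records[name]
        labels = name.split(".")
        # Simplified wildcard match: try *.parent zones, then "*" at the custom root.
        for i in range(1, len(labels)):
            wildcard = "*." + ".".join(labels[i:])
            if wildcard in self.records:
                return self.records[wildcard]
        return self.records.get("*")

def hardcoded_check(resolver, name=HARDCODED):
    """True when the single fixed name resolves."""
    return resolver.resolve(name) is not None

def random_probe(resolver, probes=3, length=12):
    """True when every freshly generated name resolves (no NXDOMAIN ever seen)."""
    def fresh():
        label = "".join(secrets.choice(string.ascii_lowercase) for _ in range(length))
        return label + ".test"
    return all(resolver.resolve(fresh()) is not None for _ in range(probes))

def compare():
    """Run both checks against three constructed resolver configurations."""
    configs = {
        "plain": ToyResolver({"example.test": "192.0.2.10"}),
        "one_record": ToyResolver({HARDCODED: "192.0.2.1"}),
        "wildcard_root": ToyResolver({"*": "192.0.2.1"}),
    }
    return {k: (hardcoded_check(r), random_probe(r)) for k, r in configs.items()}

if __name__ == "__main__":
    for config, (fixed, rand) in compare().items():
        print(f"{config:14} hardcoded={fixed} random={rand}")
```

A single added record flips only the hardcoded check, while a wildcard at the root flips both, so neither check sees NXDOMAIN from a resolver the user fully controls.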