by pdkl95 4450 days ago
Not what I had in mind. Ignoring the NXDOMAIN results, what makes you trust the VALUE of the NS/A/AAAA/MX/whatever records you get from Google (or any other resolver)?

Because I have frequently seen provably-wrong results from other resolvers, and some highly-suspicious results from 8.8.8.8 on occasion (though I haven't checked particularly often).

The point being, unless you're proving the results with DNSSEC (or similar), you can't trust any source.


Is that the sort of thing that could be fixed by running your own DNS resolver? I mean it all comes down to DNSSEC eventually.

You can limit some of the simple abuses by resolving DNS yourself, but DNSSEC (or other crypto-auth system) is best, of course.

I use and recommend doing both, as there's very little downside to running your own resolver.