Re: Hackers hijack 300, 000-plus wireless routers, make malicious changes | Ars Technica

[Brandon Galbraith <brandon.galbraith () gmail com>]

On Tue, Mar 4, 2014 at 12:33 PM, Ian McDonald <iam () st-andrews ac uk> wrote:
> Until the average user's cpe is only permitted to use the resolvers one has provided as the provider (or otherwise 
> decided are OK), this is going to be a game of whackamole. So long as there's an 'I have a clue' opt out, it appears 
> to be the way forward to resolve this issue. Shutting down one set of 'bad resolvers' will simply cause a new set to 
> be spawned, and a reinfection run round the still-unpatched cpe's of the world.

+1. Local network resolvers/trusted providers (Google 8.8., OpenDNS),
"Clue Opt Out" switch available if needed.