> I know that anyone can use any DNS server that's exposed to the internet,
> also for free, so what's the big deal about Google?

IMO a DNS server configured that way is poorly configured (unless you're
actually trying to run a public service, as Google is). Instead the use
of BIND's allow-recursion statement (or equivalent) should limit
recursion to only the ISP's customers. So, anyone can use the DNS to look
up any hosted zones, but only the ISP's customers can look up other zones.
The network will need anti-spoofing controls as well. FWIW bigger ISPs
will split their DNSes, with some dedicated to hosting zones and others
dedicated to recursive lookups.

Limiting recursion helps with amplification attacks.

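An added example, not part of the original message: a BIND named.conf fragment for the setup described in the reply above, with the open-resolver setting shown commented out beside the restricted one. The ACL name, the address ranges (documentation prefixes) and the zone name are assumptions made up for illustration.

```conf
// Constructed example. Prefixes are documentation ranges standing in
// for the ISP's real customer address space.
acl "customers" {
    localhost;
    192.0.2.0/24;
    2001:db8::/32;
};

options {
    recursion yes;

    // Open resolver: anyone on the internet can recurse through this
    // server, which makes it usable as an amplification reflector.
    // allow-recursion { any; };

    // Restricted: only customer addresses may ask for recursion.
    allow-recursion   { customers; };

    // Answers already in the cache are also limited to customers, so
    // outsiders cannot read cached records for zones not hosted here.
    allow-query-cache { customers; };

    // Authoritative data for hosted zones stays reachable by everyone.
    allow-query       { any; };
};

// A zone hosted on this server (hypothetical name and file).
zone "example.net" {
    type primary;              // "master" on older BIND releases
    file "example.net.zone";
    allow-query { any; };
};
```

With this in place, a query from outside the ACL for a name in a zone the server does not host gets a REFUSED response instead of a recursive answer. The ACL matches on source address, so it depends on the anti-spoofing controls the reply mentions.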