Privacy

31609 readers

313 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

Best DNS for privacy? (discuss.tchncs.de)

submitted 1 year ago by [email protected] to c/[email protected]

52 comments fedilink hide all child comments

I read a bit about using a different DNS for Privacy and I think the best one should be quad9? Or is there anything better except self hosting a DNS?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 1 year ago (1 children)

Use your own. That may not always be the best way to go, as it'll make fingerprinting also much easier. The more custom your setup is, the less there are like you, the easier your tracked by fingerprinting techniques.

Not saying it's bad per se, but the idea that trusting no one and setting everything up yourself is always more private isn't true either. Both providers and do-it-yourself have negative sides one should stay critical about.

[–] [email protected] 0 points 1 year ago (1 children)

How using selfhosted DNS makes you easier to be tracked?

[–] [email protected] 0 points 1 year ago* (last edited 1 year ago) (1 children)

As I said:

as it'll make fingerprinting also much easier.

Fingerprinting is a technique where they look at everything they can grab from received requests and try to use that info to identify people. The things you block (like ads and trackers), the used DNS, your user agent, your IP, etc. It's all used to try to identify you. The more you blend in with others, the harder to identify you are. The more custom stuff you have, the easier to identify you are.

If fingerprinting or not having to trust third parties is more important depends on your threat model. But it's important to know the risks of a trust-no-one do-it-yourself approach when making the decision.

[–] [email protected] 2 points 1 year ago (1 children)

Well, my question was specifically about DNS. I don't think that the sites or services you use have any way to know what DNS are you using.

ISP can capture DNS traffic, but this is where threat model comes into play... Like if you are concerned about some entity to collect you profile based on data from ISP which includes both your DNS queries and your IP

[–] [email protected] 0 points 1 year ago (1 children)

Well, you're right. I was mixing a few things up in my head. My bad. Altrough I did find a few interesting ways that can be used by websites to find client side DNS, it isn't exactly the norm or likely to hit you with custom setups.

I retract my point on DNS, but the general notion that do-it-yourself isn't always better stays. Al be it off-topic here now.

[–] [email protected] 0 points 1 year ago (1 children)

Interesting, can you share any links regarding finding client DNS?

[–] [email protected] 1 points 1 year ago

There are quite some results if you search online, but here's one with some specific info: https://security.stackexchange.com/questions/129917/how-does-a-website-know-the-dns-server-a-client-uses