Jump to content


Photo

QUAD9 DNS


  • Please log in to reply
2 replies to this topic

#1 Breakfast

Breakfast

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 07 December 2017 - 04:35 PM

A new DNS service recently came out of Beta: QUAD9 DNS: https://www.quad9.net/#/.

 

Would love to see AirVPN offer a similar service exclusively through the VPN Tunnel, though I do understand it goes against the principle of net neutrality, but it is possible to setup up QUAD9 DNS on your router/desktop/laptop/smartphone etc and reap its benefits. It is especially useful when used in conjunction with AirVPN on your router if you use IOT devices.



#2 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2205 posts

Posted 07 December 2017 - 05:01 PM

This "service" is just another word for internet censorship.

They clearly state in the ToS that all the data is shared with 3d parties, so it's black on white:

 

We share anonymized data on specific domains (such as domain, timestamp, geolocation, number of hits, first seen, last seen) with our threat intelligence partners. Please note that this information does not contain source IP information or any other identifier that would directly identify the end user or their organization. 

In addition, as a default, users of the service will be blocked from unknowingly passing origin network data through to authoritative nameservers, which is a privacy leakage issue about which most people are unaware. There are specific methods (IP addresses different than our “primary” addresses) which allow this feature to be selected for re-activation, and end users selecting these alternate resolution IP addresses accept the risks of this information being transmitted to end authoritative nameserver operators or intermediate interception potential. 

 

Users are welcome to censor their internet connection themselves by using this or other services such as OpenDNS.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#3 OmniNegro

OmniNegro

    Advanced Member

  • Members
  • PipPipPip
  • 277 posts
  • LocationThe Fiery Pits of Texas, USA.

Posted 08 December 2017 - 01:56 PM

Want a better option? Try DNSCrypt.

 

Most Windows users will want "Simple DNSCrypt" instead.

 

Just take a look at the default included list of free resolvers and the conditions they have to address to be included in the list in the first place. OpenDNS used to be in the same list, but the fact that they always logged and plainly lied about it got them kicked.

https://github.com/jedisct1/dnscrypt-proxy/blob/master/dnscrypt-resolvers.csv


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Servers online. Online Sessions: 14884 - BW: 56322 Mbit/sYour IP: 54.156.51.193Guest Access.