>Cloudflare, a well-known Internet performance and security company, announced the launch of 1.1.1.1—world's fastest and privacy-focused secure DNS service that not only speeds up your internet connection but also makes it harder for ISPs to track your web history.
>Cloudflare has changed this game with its new free DNS service, which it claims, will be "the Internet's fastest, privacy-first consumer DNS service," promising to prevent ISPs from easily tracking your web browsing history.
>The company has also promised not to sell users’ data, instead to wipe all logs of DNS queries within 24 hours. It's also working with auditors at KPMG to examine its systems and guarantee it's not actually collecting your data.
Cloudflare, just like google, managed to infiltrate the vast majority of internet and this makes them a threat. If you value your privacy and freedom setup your own DNS.
Juan Russell
>makes it harder for ISPs to track your web history How?
Ryder Scott
Cause you arent using your isps dns :shrug_emote:
Logan Kelly
>Not using one of the root servers.
Nathaniel Torres
But your ISP can still see all your connections
Xavier Sanders
Nice try, buttflare!
Landon Wilson
It doesn't. DNS is pretty much completely unencrypted. Changing it to Cloudflare isn't going to stop snooping.
Instead, the best thing you could do is make your own DNSCrypt somewhere on a VPS, then route all DNS traffic from your router to there. But then the people who provide your VPS can snoop...
Honestly, this is only a problem solved by not being paranoid that people give a shit that you're looking at tranny porn.
At this point I can't tell who shills Jow Forums more. Cloudflare or AMD?
Anthony Evans
What's the angle on this? What does Cloudflare gain by offering a free service where they aren't collecting private info? Something doesn't add up here...
Tyler Mitchell
Are you retarded? How would sending queries to another DNS server prevent your ISP from seeing your connections?
Jayden Cox
can you stop shilling their garbage like a dumb brand loyal drone
cloudfare man in the middles all traffic. their dns will extend their surveillance on every connection your client does to the internet.
don't fucking use cloudfare
Austin Walker
don't be mad, the average ni/g/ger doesn't understand how the internet works
Colton Jones
here fren you may copy this so you dont have to egas
cloudflare is already MITMing you on 80% of the sites you visit you dumb nigger
Anthony Turner
enough for your sorry ass to buy tendies and shitpost from daddies basement. i'm sure your parents are proud of you
Levi Kelly
can't use 1.1.1.1 right now because my ATT router and may others were using it for some reason
got 1.0.0.1 as primary for now, ipv6 works fine
Nolan Collins
oh really, you think my post didn't imply that you dumb faggot. how retarded actually are you?
Brandon Jackson
they are dead, i live with my grandmother.
William Hill
y-you can use 0's in ipv4 addresses?
Nathaniel Brooks
DNS over TLS is not a fucking standard you fucking faggot. Instead of sucking cloudflare's cock why don't you run your own DNS server and use DNScrypt?
Nathaniel Adams
→ cmon nigger.
Hunter Perry
why so angry gaylord.
Colton Hernandez
I was going to use Cloudflare myself, but went with dnscrypt.eu-dk instead since it's usually not more than 1ms slower.
Jackson Hill
The samefagging is strong in this thread.
Aaron Peterson
Being standard wasn't the question you goalmoving retard. Those tech illiterate retards didn't even know you can encrypt DNS traffic.
How do I read this? Is the Red bar the loading time for new websites, green for websites you have visited before, and then I don't know about the blue bar.
They are right, for DNS queries to be encrypted you need some special snowflake protocol. Using cloudflare DNS is even more retarded than using ISP's DNS servers since you are leaking data two times instead of one. DNS over TLS is not supported by a shit ton of stuff, that makes it unpractical to use and that is why having a standard is important. If you are going through the hassle of setting up an half assed DNS server you might as well go all out and run a proper one on a raspi or something.
tl:dr use unbound + DNScrypt + OpenNIC if you are not a faggot.
Ethan Green
>OpenNIC >immediately means no DNSSEC
Lucas James
No, they are not right. DNS can be encrypted. No one specified you had to use defaults. I thought Jow Forums would be smart enough to know DNS isn't encrypted by default. The point is that DNS can easily be encrypted which those anons obviously didnt know.
Andrew Sullivan
Because many websites now use shit like AWS and Cloudflare where the IP of a site will change very frequently. Without a DNS query you have no concrete way of tracking which site of thousands the user may have been going to.
Hudson King
What DNS servers are you using? Don't tell me cloudlfare because if you are leaking your whole browsing history DNSSEC should be the least of your worries.
You are the one who wrote DNS and DNS is not encrypted just like HTTP is not encrypted. DNScrypt, DNS over TLS and so on are different protocols than DNS just like HTTPS is not HTTP. You can't expect other people to know what's on your mind when you use the wrong word to refer to something.
How does that have anything to do with the fact that opennic immediately means no dnssec, unless you trust MIT.
Angel Gonzalez
>tools.ietf.org/html/rfc7858 It is like you can't even read the shit you are posting. Top right of the page, there is a bold "PROPOSED STANDARD" writing. Pic related in case you can't find it.
Answer to the question in the post you just quoted
So you're basing your argument on something that won't even be true in a few months? Why do you care if it's a proposed standard or a finalized standard? It's being used in the real world already either way.
Austin Myers
I am basing my argument on the fact that standards takes ages to get adopted. Over and out, use cloudflare or whatever the fuck you want. Have a nice day.
Ryder Taylor
DNSSEC is not DNScrypt. Also I don't use Cloudflare, although I haven't seen any evidence of it leaking or being worse than unencrypted shit.
Gabriel Hall
Would you have said the exact same thing about Google and Facebook five years ago? >Google is awesome! They're the good guys, you're just paranoid lol. >Facebook is a normie trap, but it's harmless. How about law enforcement? >The NSA is backdooring software and hacking domestic companies? Fucking tinfoil nutjobs, the NSA is only looking out for the security of the US.
I've learned to be very distrustful of anyone or anything with lots of money and power. Calling paranoia despite the evidence is just ignorance.
Isaac Scott
>standards takes ages to get adopt This one in particular happens to be getting adopted fairly quickly. Regardless, the way the IETF marks it has little or nothing to do with adoption. Look at the IETF RFC for the IRC protocol. It's still labeled "experimental" and not even on the standards track and yet it's been everywhere for decades.
Aaron Hall
If you don't trust encryption you might as well an hero.
Jeremiah Sullivan
>It's still labeled "experimental" Maybe nobody told them?
Christopher Lewis
But lots of sites don't use those services, and if someone were determined they could discover which IPs resolve to which sites on a fine grained enough timespan to do a statistical analysis of traffic and determine with some probability and confidence which sites you were visiting.
If you think this is complicated you're a brainlet. ISPs have been known to to some pretty deep analysis of traffic for marketing and to detect torrenting traffic, even when tunneled.
Lucas King
>ping 8.8.8.8 >42ms
>ping 1.1.1.1 >8ms
how the fuck? i think im gonna try this shit
Easton Gonzalez
This has nothing to do with encryption, and besides crypto is NOT a panacea! Cryptographic algorithms cover only one level of data privacy. Metadata about the communication are also important. Things like who you were talking to, how much talking happened, the timespan of the communication, etc.
Maybe you were talking to a friend about a cookie recipe, maybe it turns out this friend has a prior for drug dealing you didn't know about, maybe law enforcement are monitoring this connection and are looking for a reason to raid you. Maybe they take your encrypted communication to a judge and tell them it's extremely likely you're coordinating drug trades. It doesn't matter that they don't actually believe it, it only matters that they could fool a judge into believing it.
Oliver Jenkins
Germanfag here. It's not faster. Google is faster (but still not fastest)
Mason Powell
It depends. Popular normie sites/services/products will typically be on some cloud provider (AWS, Google Cloud, Azure, etc) that has elastic IPs and typically using a load-balancer in front of Kubernetes or whatever. So you are more than likely going to get routed to a different IP on almost every request. This is how they deal with millions of visitors per day or even hour.
Your niche websites that have only a couple hundred or thousand views a month will definitely only reside on one server. Whether that's run of the mill shared hosting or a VPS with a provider or even in someone's house.
In a way, it's almost easier to track the website usage of some niche site visitors than normie usage. However, the normie sites also have a ton of tracking regardless of what your ISP can do so sort of negates that.
Connor Parker
>normie
Oliver Morales
>Hey how about you trust Americans with your DNS How about fuck no
Joshua Wilson
At least in America you dont go to jail for mean tweets like you EU cucks.
Colton Young
lmao keep trying to justify your shit with "but, but, surely you have it worse!" bullshit. Enjoy being spied on and having no privacy online while the EU just passed an extensive privacy legislation lol. And there's a reason anything privacy related should be considered compromised if they're US based
Landon Bell
ok Ahmed
Gabriel Torres
lmao I don't think US can say shit about that topic to Finland
William Adams
>Not running your own local resolver utilizing DNSSEC and DANE/TLS-A You're better than this!
Oh look, another shill thread for cloudflare's man in the middle.
Every single fucking day you post this shit.
It doesn't, your ISP, and other ISP's, can see everything you do as you route through their hardware.
Lincoln Roberts
They're on your local network. Run while you can!
Carter Morris
cry more faggot.
Levi Gonzalez
i use my own modem and router, bitch nigga
Nolan Thomas
>Can it be trusted?
With what? They are gonna run analytics on your DNS and sell it to advertisers with larger datasets. Running your own DNS with an extended cache is not difficult. The registrars will still know when a domain was looked up but they can't tell how often you did. If you do this, you will still be fingerprintable since there aren't many people who do this.