Why haven't you switched your DNS to 1.1.1.1 yet?

>means your ISP can't see what domains you're looking up

but your ISP still sees which websites you subsequently go to.. so what's the point?

Cloudflare did hire an outside auditing firm

blog.cloudflare.com/announcing-1111/

Attached: 040.jpg (1080x952, 371K)

They literally have one of the most trustworthy auditing firms on retainer to run reports on their DNS infrastructure.

Anyone who is afraid of 1.1.1.1 is fucking retarded.

freedns.zone/en/

They block archive.is

That's where (encrypted) SNI comes in handy.

>why haven't you switched your DNS to 1.1.1.1 yet?
No thanks, I'm good. I prefer dns.watch
>do you not care about privacy?
That's the exact reason why.

What is sercet government warrants?

That's not correct. archive.is have intentionally broken their own authoritative DNS records. Cloudflare is just doing regular DNS lookups, and providing the reported information back to users.

I'm using it very fast browsing t b h
It's rank 1 on dnsperf.com

here's a better question, why aren't you hosting your own dns serb?

>source?
NSA chief confirmed that they are indeed spying on every website which uses cloudflare. Brainlet.

8.8.8.8 / 8.8.4.4 Is way faster.
ping 1.1.1.1 shows 50-60ms but ping 8.8.8.8 below 10.

Don't trust that security firm

my isp's gateway device has 1.1.1.1 hardcoded as a loopback address

>They literally have one of the most trustworthy auditing firms on retainer to run reports on their DNS infrastructure.
>Anyone who is afraid of 1.1.1.1 is fucking retarded.
Retard KPMG is a golf company with several frauds under it's belt

Why should I use this over pi hole?

>Google dns- 5 ms
>This dns- 82 ms

use pihole with unbound

I get better ping to openDNS tho

blog.apnic.net/2018/04/02/apnic-labs-enters-into-a-research-agreement-with-cloudflare/

In setting up this joint research program, APNIC is acutely aware of the sensitivity of DNS query data. We are committed to treat all data with due care and attention to personal privacy and wish to minimize the potential problems of data leaks. We will be destroying all ‘raw’ DNS data as soon as we have performed statistical analysis on the data flow. We will not be compiling any form of profiles of activity that could be used to identify individuals, and we will ensure that any retained processed data is sufficiently generic that it will not be susceptible to efforts to reconstruct individual profiles. Furthermore, the access to the primary data feed will be strictly limited to the researchers in APNIC Labs, and we will naturally abide by APNIC’s non-disclosure policies.

yeah bro it's totally not being monitored

just trust us you dumb fucks

I use my own resolver

Why does Google DNS correctly resolve them then? No matter what you say, everyone here entirely believes Cloudflare is pozzed

still waiting on that source

If you cared about privacy you would have stoped using internet in any form. Or you know, you can keep lying to yourself that there is any other way. Or, you can stop going full retard, as if anyone gives a fuck about you and your data (unless of course you have something to hide).

Reminder as long as you are on intel or amd cpus you are in the botnet.

I trust my ISP, Bahnhof, more than I trust Cloudflare.

fucking based

As long as you're using one of the chromium based browsers or Firefox (say hi to Google safe browsing) or any of the popular email/search/apps/other online services etc, all your data go directly to Google, therefore your trust for the "Free Speech" Swedish ISP is totally irrelevant.

>Why does Google DNS correctly resolve them then?
Because they supply correct DNS info to Google.
AFAICT, both Cloudflare and Archive.is have explained the cause: Cloudflare doesn't support EDNS Client Subnet (apparently out of privacy concerns). Archive.is refuses to correctly respond to DNS queries without EDNS Client Subnet (though it's not clear why), and seem to return bizarre responses instead.
community.cloudflare.com/t/1-1-1-1-does-not-resolve-archive-is/28059/4
twitter.com/archiveis/status/1018691421182791680

>No matter what you say, everyone here entirely believes Cloudflare is pozzed
That doesn't even make sense as a conspiracy theory. Cloudflare looks bad for not resolving archive.is "correctly", they have nothing to gain from it.

>blocks archive.is links so you can't escape fake news msm

You really gonna trust everything until proven untrustworthy? Doesn't the opposite make more sense?

>You really gonna trust everything until proven untrustworthy? Doesn't the opposite make more sense?
The opposite isn't really possible. When it comes to security, "this thing is open source, has attracted a tonne of scrutiny, and nobody appears to have ever broken it" is the strongest guarantee of safety you're ever going to get.

>privacy
Privacy never existed on the internet. And never will.
Going offline is the ultimate redpill.

your results are not universal

>blocks archive.is
>MITM'd by cloudflare

>you can't trust your isp so make sure to use 1.1.1.1 goyim

Attached: 1533056097091.png (586x586, 348K)

>Trust this company we gave a bunch of money

>route it over TOR
nice try, FBI

Sorry I know very little about this kind of thing, what would I do this for?

> thinks cloudflare is about privacy
my fucking sides. truly retarded nonsense.
it's not. cloudflare are mining it for data.
trusting cloudflare is like putting a convicted child rapist in charge of an elementary school.
shut the fuck up, corporate whore.

in many countries around the world, the quickest way to censor something online is to get ISP's to deny access to a domain name being requested from the DNS they control. using an alternative DNS (that's not in your country or ran by your ISP) gets around a lot of that bullshit.

Because I use:
185.121.177.177
169.239.202.202
142.4.204.111
142.4.205.47

Yeah, that's what's happening here in New Zealand for Jow Forums. I settled for OpenDNS to get around it. Unfortunately, apart from a handful of Australian DNSs on OpenNIC that consistently fail every other day, Google, Cisco, and Cloudfare are about the only services that don't suck here.

I can't wait to be arrested for arguing with autists and jacking off to trannies.

That you nsa agent very based

Because I use 9.9.9.9

>in many countries around the world
Usually the ones that can't be fucked really censoring something. Call us when you're getting DPI.

How I can check which is the fastest?

Someone tell me how to change my DNS

¯\_(ツ)_/¯

Attached: dns_resolver.png (1914x692, 104K)

I use
176.103.130.132
176.103.130.134

If cloudflare isn't about privacy, what is it about?

Why?

>pfsense
My nigga. Why you forwarding though?

Ignore the naysayers, it's both about privacy* and speed

*Compared to your filthy ISP,google, OpenDNS/Cisco, quad9, with only exceptions the AdGuard DNS

I posted an old conf. I read that this gets rid of slow downs when you have local overrides and will only use TLS for the upstreams. I keep the forwarding mode box unticked though.

Attached: resolver.png (1463x638, 85K)

Because archive.is doesn't work on it and that makes me concerned about the quality of it.
I personally use AdGuard Default.
176.103.130.130
176.103.130.131

I'm just still surprised they were even able to get 1.1.1.1 in the first place. You think that would be reserved for something the government used or not used at all. Most other low IPs are that way.

>or not used at all.
It wasn't used at all and was largely seen as an invalid IP till cloudflair got it. In fact it causes issues with a lot of applications that view that IP as invalid or used it as a type of local loop back. They actually fucked up quite a few embedded devices that can't be updated to correct for this. Sure, you can blame the programmer since 1.1.1.1 is technically a valid IP and should have been respected as such, but in a lot of ways it was defacto treated as invalid and CF should have respected that.

Yeah that figures it would fuck with some shit. As I said, it's amazing they were allowed to get it in the first place.

Holy shit this is the most retarded post I've ever read. There is no "technically" about it. 1.1.1.1 is a valid IP address.

see

I said it was a valid IP but unfortunately people treated it as if it wasn't and made code bases based on that assumption since it was NEVER used till CF got it you retard. The programmers dug their own grave for sure, but at the same time CF knew they were going to cause issues as well.

>special purpose addresses don't exist

>1.1.1.1 is a special purpose address
It isn't and never has been.
The guy who ran out into the middle of busy traffic dug his own grave, bit at the same time the people driving their cars knew they were going to cause issues as well.

Why would you block porn?

Because their app doesn't work properly

Let's be fair here. A convicted child rapist would know the best way to protect children from child rapists.

My ISP DNS are faster, more secure and more privacy friendly per no data mining and logging.

Alright, that's cool and all, but archive.is still works wih AdGuard, so it clearly has better compatibility. I'll stick with it.

Lool

>privacy
kek

NSA admitted it.

>Audit it!
>Company gets audited
>AUDITS DON'T MATTER!

And that admission can be found where?

s-SHUT UP
BELIEVE MY CLAIMS
ANONYMOUS KNOWS ALL

because I’m using AdGuard DNS
176.103.130.130

>using someone else's DNS
>caring about privacy
Pick one.
Run your own!

my ISP's name servers are faster

these guys were ddosers and now they have an anti ddos company. no thanks i wont involve myself with malicious people

>using the botnet DNS server
yikes

Attached: Capture.png (338x120, 3K)

Attached: Skärmbild från 2019-03-17 21-25-28.png (997x641, 82K)

Every time there's a 1.1.1.1 thread, the "NSA is backdooring u dumbys" argument comes out.
No one ever even types out a conspiracy theory, let alone a link. Is there literally nothing more substantial than "too good to be true"?

If it's free, you're the product

Nice might look into that

>trusting another server with his dns requests.
If you don't run a recursive dns resolver (e.g. unbound) you're a pleb. There is a reason why openwrt and pfsense have them.

Yes, they acutally admit this on their blog with your data gets sent off randomized with ip to get analized

Without ip I mean

>get analized
>analized

I'm pretty sure it does!

Attached: D1gdnTrU0AEKv9S.jpg (704x1200, 88K)