Redpill me on 1.1.1.1, is it really more secure and private than standard DNS services?

Atleast your ISP has a contractual obligation not to fuck with your data.

DNS over TLS is a thing

Thats way worse than using a decent DNS server

Depends. I wouldn't use it if I was a burger, but cloudflare has a long history of disregarding legal notices from my country, so I'm fine.

Burger ISPs most definitely fuck with your DNS whenever they think they can make a profit out of it

Both Burger and Yuro ISPs also fuck with your DNS due to government blocking orders

>"Cloudflare promises that it never writes the IP address of the querying system to disk and that the company wipes all logs within 24 hours."
>"The company hired KPMG, an auditing firm, to audit the source code and practices annually and release the report to the public."
>"Cloudflare DNS supports DNS-over-TLS and DNS-over-HTTPS. Both technologies are open and attempt to limit or eliminate DNS lookups over unencrypted connections."
I use 1.1.1.1 and haven't had an issue, also I think they do better than some in the aspects of privacy/security.

feds replying to each other, the thread

Why is that? Currently using unbound and not noticing any issues

Running a recursive resolver from your home connection is the worst option for privacy because the authoritative DNS servers get directly contacted from your IP address and lookups are always in plaintext and secured by DNSSEC at best.
There's no blending (and cache utilization) of requests among many customers like you have with your ISP's DNS, VPN's DNS or public DNS services.

lol no it's a honeypot. run your own resolver.

Shh he's a poltard that thinks he can get away with DNS without having a off site server hosting and a proxy.

It surprises me to this day that they were even allowed to GET 1.1.1.1 in the first place.

Yeah they're okay. Improving on 1.1.1.1 wouldn't give much and/or would take a lot of effort.

why would they need to keep logs when they just forward everything to prism?

how much would that have cost

>authoritative DNS servers get directly contacted from your IP address
Why is this a bad thing?

>There's no blending (and cache utilization) of requests among many customers like you have with your ISP's DNS, VPN's DNS or public DNS services.
I don't get the advantage. What is the threat model?

Cloudflare is the most malicious internet corporation. Using their DNS is the stupidest thing you can do.

What?

they don't play nice with Jow Forums.
it's still the fastest one for me, though.

Look up what they are. They're fighting against internet freedom and anonimity.

Guys a botnet just flew over my house!

>Cloudfare the best
LOL it's the best if you want your data sold
>Quad9 literally sponsored by police.

back to your discord tranny

Idk about secure and private, but it's faster than Comcast's dogshit DNS, and bypasses a lot of their DNS redirecting idiocy.

Aussie here
Literally need it to post

Yikes. What happens if you don't?

I'm pretty sure that Jow Forums isn't among them, but ISPs here are legally required to block things like known piracy sites. This just comes in the form of a DNS filter though so it's them basically doing the bare minimum legally required of them. It's possible his ISP blocks 'objectionable sites' or something too.

Oh well. Maybe our stingray-hunting cousins will eventually demand net neutrality.

Oi! You got a license for that there DNS?

it's a meme, archive.is doesn't work on it.

kek

>no proof
kys

So you have nothing

I use it until I realised archive.is doesn't get resolved on it, and it never seem to be fixed. Literally every other DNS I've tried does it flawlessly, which sucks, because Cloudflare's DNS has been the best I've tested so far.

They got it for free from APNIC in exchange for letting them analyze the traffic.

Attached: Screenshot_20190520-053139_DNS66.jpg (720x1185, 163K)

Because it means everyone who runs a nameserver has your IP address, which is more people than just the people who run the websites you visit. This is important because most websites don't run their own nameservers, they pay Amazon or their registrar or someone else. Those people will now have your IP address too.

I recently switched to Adguard, did i fuck up?

What about dnscrypt?

blog.apnic.net/2018/04/02/apnic-labs-enters-into-a-research-agreement-with-cloudflare/

Are you fucking retarded?
notabug.org/themusicgod1/cloudflare-tor/

>is it really more secure and private than standard DNS services
yes. it doesn't mean it's 100% trustworthy, but it is better.

Ever since I changed DNS to 1.1.1.1 and 1.0.0.1, I cannot access archive.is website anymore, it redirects to 127.0.0.4, what's up with that? is cloudflare censoring archive.is?

No. The archive.is operators deliberately block out only Cloudflare DNS by delivering a bogus localhost address, ironically because it's more privacy-orientated because they're not transmitting client subnet information through an EDNS extension. This is a purely political decision on their part, as most ISP DNS resolvers don't support that extension either, and e.g. Quad9 only transmits them if you use 9.9.9.10 or 9.9.9.11.
See .

To add to this: What Cloudflare can be accused of is telling smaller content-delivery networks like archive.is who want to do DNS-based load balancing to go fuck themselves when they're relying on a standard solution to do so (RFC 7871), only falling back to the Cloudflare PoP which forwarded the user's query, which you can only hope is reasonably near in terms of network topology (unless Cloudflare fucks up – for example, among European datacenters the Belgrade and Rome datacenters are currently down and re-routed to other locations).
On the other hand, that actually improves privacy in the face of cache-based tracking like dnscookie.com/ which the lone guy running their local resolver is also affected by.

>secure
Not in any way but faster if you live outside East Asia, NA or Europe. Especially in Africa.

Attached: 1527536588477.png (513x454, 146K)