Whats that, you don't encrypt your DNS requests? whats your excuse?

whats that, you don't encrypt your DNS requests? whats your excuse?

Attached: results.png (1113x349, 39K)

Other urls found in this thread:

bugzilla.mozilla.org/show_bug.cgi?id=1540618
quad9.net/policy/
jarv.is/notes/cloudflare-dns-archive-is-blocked/
twitter.com/NSFWRedditGif

I host a root DNS server

>Using 1.1.1.1

OP here, give me a decent DNS over HTTPS-host to swap to and I'll do it.

>gives internet requests to third-party
>'b-but its encrypted!'

>set esni.enabled to true
>the first 3 are green in the cloudflare checker
>still red on the sni
How do I fix it?

>using cloudflare DMS
pure placebo.
I use DNScrypt. Not only are the requests encrypted but the requests go to different servers that claim to not log.

I had the same issue, refreshing the page or restarting the browser should fix it.

I’m not a pedophile

I have nothing to hide

Yeah, there we go. I had trr mode on 3 and when I restarted it just stopped connecting to sites full stop, moving the mode back to 2 seemed to fix it, so I'm not sure how I feel about that since mode 2 is supposed to fall back to unencrypted if DoH won't work.

looked up on this

bugzilla.mozilla.org/show_bug.cgi?id=1540618

apparently if you want to set up the full mode, you need to define a bootstrap server IP for querying the resolver address. I put 104.16.249.249 (mozilla.cloudflare-dns.com) into network.trr.bootstrapAddress and mode 3 started working.

I do have encrypted DNS. But it's over TLS, not over HTTPS, since HTTP is bloat incarnate, and it certainly isn't using 1.1.1.1

What's the point? They can see what IP I'm connecting to anyway. Doing reverse DNS isn't hard.

Attached: 2019-08-14 11_36_15.png (1195x421, 46K)

i just use my ISP's DNS

Majority of internet is behind cloudflare, so even if you do reverse DNS. You'll get a shit ton of websites making it hard to differentiate which one the user actually accessed.
Of course, cloudflare is a private company. In the end, it's their data there isn't anything stopping them from reselling the data to your ISP

I use Cloudflare because it's the fastest.

Us gamers can't have a milisecond of lag amirite.

Quad9 or OpenDNS

Oh shit, thanks dude.

Why do you say quad9 is better when they collect more identifiable data than cloudflare?

quad9.net/policy/

Because cloudflare is more popular and publicly known, he doesn't actually care about privacy/security, he just gets off from knowing he's "better" than the "normies" using cloudflare.

I don't need encryption for most things just like https isn't necessary for most things. Under the guise of security... fucking botnet shills.

based

>cloudflare
what is anti-trust.

How do I make ESNI work when I'm routing my traffic through a SOCKS5 proxy? Works fine normally.

Attached: esni.png (1333x501, 73K)

The problem with cloudflare is that the autist that runs archive.is blocks them from resolving dns lookups for some autistic reason.

That's not cloudflares problem. It's the autistic guy who doesnt care about his users privacy

jarv.is/notes/cloudflare-dns-archive-is-blocked/

Attached: wew.png (1280x710, 365K)

Just use a VPN with dedicated DNS inside a VM to look at it.

>cuckflare

Attached: botnet.png (770x578, 287K)

If you can resolve archive.is then you fail

Is there DNS that gets torrented under the hood? The stuff you spin up and it just werks.

What site is that?

Wtf are you talking about?

adguard or 9.9.9.9

Because (((cloudflare))) is literally like China+UK combined when it comes to how much they want to control and censor the internet.

That makes sense
Jow Forums is full of retards who like to think they know what they're talking about

Reminder that doing the DoH + ESNI routine in firefox causes firefox to bypass the hosts file on your OS and the router you are connected to. This might be useful in some circumstances (like on mobile), but it is undesirable in most. The best way to experiences encrypted DNS is via setting up DoT, DoH or DNSCrypt on your router with a utility like stubby or unbound. YTML.

it's fucking retarded, archive.is will get your whole IP anyway, what the fuck are they protecting? oh, they are doing their own load balancing based on that? well fuck them, they probably need to buy cloudflare services to better deal with high global loads