Cloudflare DNS has DoH, but it’s Cloudflare so… ew. Is there one that is more privacy respecting and also has DNS over HTTPS?
Cloudflare DNS has DoH, but it’s Cloudflare so… ew. Is there one that is more privacy respecting and also has DNS over HTTPS?
This is controversial because they are “big bad” companies. But in some cases I think that is a plus because they have some responsibility to do as they say.
The major concern for all of these is that they are allowed the keep anonymized logs forever. This means that if the hostname itself it sensitive then it can be recorded forever. (For example if you have “secret” subdomains).
The other option is running your own recursive resolver, this mostly nullifies the private subdomain issue as only the authoritative server will see it (other than network snoopers) however this has very real downsides.
Disclaimer: I used to work at Google (but not on Google Public DNS) and have no affiliation with other named or referenced companies.
Removed by mod
Just because it is not the advice that is expected does not make it bad advice. Obviously these names have some questionable behaviours but in this case they often have separate privacy policies for their DNS services (or the Mozilla endpoint for their DNS services) which makes it much better than the other Google products which are lumped behind a single privacy policy which isn’t very privacy friendly.
Unfortunately it is impossible to know for sure they are complying with the privacy policy, but this applies to all providers, no matter how large or what businesses they have other than providing DNS. So while you shouldn’t blindly follow some random post on the internet you should may give these providers a second look-over and consider that these large companies have some privacy benefits if their privacy policy is accurate.
Removed by mod
He was making a good point. Huge multinationals often have departments with wildly different behaviors/policies. These departments are often in conflict with one another, or don’t know so much about one another. I agree with you trusting anything remotely associated to Google is utterly stupid when it comes to privacy, but the argument exposed was not stupid.
It was in fact solid insider’s advice, to know to exploit differences between branches of a given tentacular company in some circumstances. For example, Debian’s cooperation with Lenovo for better hardware support is in fact a collaboration with a specific department within Lenovo, and has a lot of blocking points from other departments.
EDIT: Also another good point was that selfhosting services (eg. services just for “me”) often leaks more metadata than using shared services which other folks connect to as well.
Removed by mod