Many ISPs and other DNS providers are slow or inject ads, track you, hijack DNS queries or do other nasty stuff. To mitigate this, you should use a fast, reliable and free service that respects your DNS privacy.
To use a fast and free – as in cost and censorship-free – DNS provider that doesn’t track you, many people recommend using Google’s DNS servers. However, Google Public DNS permanently logs your ISP and location information for analysis. Your IP address is also stored for 24 hours.
Since Google’s primary business model is to sell targeted ads, it makes sense that your privacy isn’t their primary concern. It shouldn’t be a shock to anyone if they use data collected from a service provided free of charge to fuel their bank account.
When it comes to services like this, you have to find someone you trust. There is no accountability, as you can’t exactly get access to their backend services to verify that there is no logging. However, if they have a data breach or hire an honest employee, the world will know and their reputation will be destroyed forever. The internet never forgets.
A provider that gives you DNS privacy
DNS.WATCH is a service that exists because the people behind it claims that they believe in freedom of information. What they provide is a fast, free and uncensored DNS service where the resolvers are configured to not log any queries.
No censorship. No Bullshit. Just DNS.
So what’s their business model? Where’s the catch?
They’re not a business and doesn’t have anything to sell. Their costs are covered by sponsors and donations. They are not running an ad network. There is no DNS hijacking or any other humbug.
We’re not interested in shady deals with your data. You own it. We’re not a big corporation and don’t have to participate in shady deals. We’re not running any ad network or anything else where your DNS queries could be of interest for us. Other providers do.
The technical details
These are their DNS servers, as provided on the DNS.WATCH website. They have DNSSEC enabled, they don’t do any logging, and they can be used free of charge. Oh, and in my experience, they are very fast too!
Explicit v6 FQDN: resolver1v6.dns.watch
Explicit v6 FQDN: resolver2v6.dns.watch
If you need any help on setting up your computer to use these resolvers, they have handy howtos for changing DNS resolvers here.
Update September 10, 2018
Since CloudFlare released their DNS resolver 22.214.171.124 on April 1st, I’ve been using that one, and it has great speed, stability and privacy. You might want to check it out!
Thank you for this! What do you think of servers such as ns0dnscrypt.is? or d0wn resolver?
You’ll find the info you’re looking for if you do some digging around. Again: You have to find someone you trust, since verification would be hard.
I tried this DNS for a couple days. It was definitely fast compared to OpenDNS but it failed to resolve http://www.forbes.com today so now I’m trying out DNS’s listed on this page: https://www.opennic.org/
I didn’t know about OpenNIC but will give it a closer look. Thank you!
This is obviously an add.
Except it is not. Why would it be?
Anyways, the main point is to use a DNS provider that doesn’t track you. There are others out there too, so find one you trust (enough).
Why is article this “obviously” an ad? Maybe you meant this is obviously an “add” –> 1 + 1 = 2.
Hello Björn! Today i read a new article about securing DNS by DNS over HTTPS in the german magazin CHIP 12/2018, Page 104.
Open a newest firefox. Insert “about:config”. Go to “network.trr.mode” and change the settings from “0” to “2”. Go to “network.trr.uri” , delete the standard entry and insert a trusted dns resolver like this one: https://doh.securedns.eu/dns-query
Then go to “network.trr.bootstrapAddress” and insert this ip: 126.96.36.199
Thats it. Close and restart firefox. Go to https://dnsleaktest.com/ and make and extended test. If dns over https works, the result you could see, now should be the IP frome securedns.eu
I think, this resolver is uncensored too. I will contact the owner of the resolver.
Cloudflare, i do not trust! Sorry!
That’s fine. Find one you trust :-)
cloud flare and quad9 maybe good options, but their HQ is in U. S. – so the patriot act still does its work…
Comments are closed.