"... if you're still using the DNS servers that your ISP or cellular provider set up when you first got service, ... those plaintext queries get stored and sold to advertisers and anyone else who might want to get their hands on the information they hold."
"In no particular order, each of these DNS providers will be more secure and private than your ISP's:
- Cloudflare (1.1.1.1): Runs a large chunk of the internet, known for not blocking sites unless known as a threat
- Quad9 (9.9.9.9): Encrypted DNS, also known for not blocking sites without them serving malware or other threats
- Control D (76.76.2.2): No logging, various encryption methods, and works on Apple devices
- AdGuard Public DNS: Anonymized, uses some filtering, has Apple profiles."
"But self-hosting gives you more control - You get ad-blocking, locally resolved domains, and more":
" Self-hosting a DNS server is deceptively simple to do these days, whether you choose from any of the options, including Unbound, AdGuard Home, PowerDNS, or my personal favorite, Technitium. You'll still want to have some queries sent to an external DNS server in an encrypted manner for fallback, but having your own local DNS server making its own encrypted requests will increase the security and privacy of your home network and the devices using that DNS server."
The comments are interesting also.
No comments:
Post a Comment