←back to thread

1.1.1.1: Fast, privacy-first consumer DNS service

(blog.cloudflare.com)
1895 points _l4jh | 3 comments | 01 Apr 18 12:14 UTC | HN request time: 0s | source
Show context
ajross ◴[01 Apr 18 12:37 UTC] No.16727942[source]
This is the Cloudflare resolver, right? What's the "privacy-first" part about? It's just another third party DNS host. They haven't changed the protocol to be uninspectable and AFAIK haven't made any guarantees about logging or whatnot that would enhance privacy vs. using whatever you are now. This just means you're trusting Cloudflare instead of Comcast or Google or whoever.
replies(8): >>16727953 #>>16727957 #>>16727960 #>>16727965 #>>16727968 #>>16727969 #>>16727975 #>>16727978 #
yjftsjthsd-h ◴[01 Apr 18 12:40 UTC] No.16727968[source]
On the contrary, they've taken 2 big steps that are better than ISPs (not sure about Google):

* no logging

* DNS over HTTPS

replies(2): >>16728011 #>>16728249 #
therealmarv ◴[01 Apr 18 12:51 UTC] No.16728011[source]
Google is one of the first ones using DNS over HTTPS.

BTW if you want to use DNS over HTTPS on Linux/Mac I strongly recommend dnscrypt proxy V2 (golang rewrite) https://github.com/jedisct1/dnscrypt-proxy and put e.g. cloudflare in their config toml file to make use of it.

replies(2): >>16728137 #>>16733185 #
cptskippy ◴[01 Apr 18 13:22 UTC] No.16728137[source]
The whole point of encrypting DNS traffic is to hide it from the likes of Google.
replies(1): >>16728286 #
akquise ◴[01 Apr 18 14:01 UTC] No.16728286[source]
For me personally it is much more important to hide my DNS traffic from my ISP instead of Google, etc., even though I don't live in the US.

I pay them to access the internet, every further information they gather about my internet activity does not mean any benefit for me.

replies(2): >>16728551 #>>16728649 #
1. throw2016 ◴[01 Apr 18 15:09 UTC] No.16728649[source]
This does not make sense. Either people are not concerned about hiding their traffic or if they are it follows they would be equally if not much more concerned about Google that can track them across devices and build far more indepth invasive profiles than the ISP.

Aside it's strange https everywhere has been pushed aggressively by many here under the bogeyman of ISP adware and spying while completely ignoring the much larger adware and privacy threats posed by the stalking of Google, Facebook and others. It is disingenuous and insincere.

replies(1): >>16728705 #
2. ocdtrekkie ◴[01 Apr 18 15:20 UTC] No.16728705[source]
Most fears of ISPs have been stoked primarily by tech companies, who invest a lot more money into marketing than the ISPs do.
replies(1): >>16730700 #
3. tialaramex ◴[01 Apr 18 21:54 UTC] No.16730700[source]
I can only really discuss the UK, since that's the only place where I've bought home ISP service.

Only a handful of small specialist firms actually just move bits in the UK. Every single UK ISP big enough to advertise on television is signed up to filter traffic and block things for being "illegal" or maybe if Hollywood doesn't like them, or if they have "naughty" words mentioned, or just because somebody slipped. If you're thinking "Not mine" and it runs TV adverts then, oops, nope, you're wrong about that and have had your Internet censored without realising it. I wonder how ISPs got their bad reputation...