←back to thread

1.1.1.1: Fast, privacy-first consumer DNS service

(blog.cloudflare.com)
1895 points _l4jh | 1 comments | 01 Apr 18 12:14 UTC | HN request time: 0.206s | source
Show context
ajross ◴[01 Apr 18 12:37 UTC] No.16727942[source]
This is the Cloudflare resolver, right? What's the "privacy-first" part about? It's just another third party DNS host. They haven't changed the protocol to be uninspectable and AFAIK haven't made any guarantees about logging or whatnot that would enhance privacy vs. using whatever you are now. This just means you're trusting Cloudflare instead of Comcast or Google or whoever.
replies(8): >>16727953 #>>16727957 #>>16727960 #>>16727965 #>>16727968 #>>16727969 #>>16727975 #>>16727978 #
yjftsjthsd-h ◴[01 Apr 18 12:40 UTC] No.16727968[source]
On the contrary, they've taken 2 big steps that are better than ISPs (not sure about Google):

* no logging

* DNS over HTTPS

replies(2): >>16728011 #>>16728249 #
therealmarv ◴[01 Apr 18 12:51 UTC] No.16728011[source]
Google is one of the first ones using DNS over HTTPS.

BTW if you want to use DNS over HTTPS on Linux/Mac I strongly recommend dnscrypt proxy V2 (golang rewrite) https://github.com/jedisct1/dnscrypt-proxy and put e.g. cloudflare in their config toml file to make use of it.

replies(2): >>16728137 #>>16733185 #
1. ◴[02 Apr 18 08:48 UTC] No.16733185[source]