1.1.1.1: Fast, privacy-first consumer DNS service

(blog.cloudflare.com)

1895 points _l4jh | 1 comments | 01 Apr 18 12:14 UTC | HN request time: 0s | source

Show context

rdsubhas ◴[01 Apr 18 13:30 UTC] No.16728163[source]▶

>>16727869 (OP) #

> We will never sell your data or use it to target ads. Period.

Won't sell != Won't collect

> We will never log your IP address (the way other companies identify you)

Never log IP != Never log anything

Bonus: The way other companies identify you ~= There are other ways

Edit: Looks like many people assume I'm nitpicking. So here are more specific questions:

* Is logging a hashcode of the IP considered as "not logging the IP"?

* Can combination of timestamp, packet info other than end IP (latency, hops, etc), geoIP and other factors be used for deep intelligence?

replies(6): >>16728183 #>>16728191 #>>16728195 #>>16728266 #>>16729111 #>>16729896 #

fwgwgwgch ◴[01 Apr 18 13:36 UTC] No.16728183[source]▶

>>16728163 #

AFAIK the only data is domain name, record and the incoming ip. I don't care if they store the first two.

Do you have any actual points against or are you just trying to nitpick? And do you have anything better?

replies(3): >>16728206 #>>16728218 #>>16728395 #

pdkl95 ◴[01 Apr 18 14:18 UTC] No.16728395[source]▶

>>16728183 #

> the only data is domain name, record and the incoming ip

Other data that can be logged:

- timestamp - this can be very revealing when correlated with other datasets.j

- ASN - can sometimes act like fingerprint on it's own, and assists in correlating other data (e.g. the timestamp)

- any identifiable variation in the structure or behavior between different DNS resolver implementations. See nmap's "-O" option that detects the OS from the TCP/IP protocol implementation.

replies(1): >>16735237 #

1. fwgwgwgch ◴[02 Apr 18 15:18 UTC] No.16735237[source]▶

>>16728395 #

Good answer. Thanks.

↑