If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#31
|
|||
|
|||
Firefox secure DNS?
In article , Carlos E.R.
wrote: Nope. Me and many people I know changed it for speed. unless your dns is extremely slow, it's nothing you'll ever notice since the time to connect and transfer data from whatever you're connecting to will be the bottleneck. Nope. The bottleneck was the modem. Even today, there are default DNS servers out there that are slow to respond, so that replacing with a local LAN server makes sense. if it was slow enough to be noticeable, then it was misconfigured and should not be used. that is also very rare. No, it was not misconfigured on the client side. And no, it was not rare. slow dns to where it's noticeable is very rare. obviously, if something is misconfigured or otherwise not working properly, people will switch to something that is, but that's not the normal case. |
Ads |
#32
|
|||
|
|||
Firefox secure DNS?
On 6/3/2020 1:12 PM, Mayayana wrote:
As I heard it, FF is going to default to 1.1.1.1, which seems to be reasonably reputable. The big factor is that your ISP and other online entities can't see the traffic. But if you really want it more private you can use something like Unbound. In other words, there's no reason to trust Mozilla or Google. But trusting Mozilla with encrypted DNS is probably better than doing it in the open and certainly better than using Google. The best would be to use a DNS resolver that encrypts but runs separately from the browser, as a system service. I've already rerouted everything in my own router configuration through 1.1.1.1 and Google DNS, so my ISP's DNS will never see any of my requests from any of my devices inside my network. I don't need Mozilla to decide for me where to route my DNS. Yousuf Khan |
#33
|
|||
|
|||
Firefox secure DNS?
In article , Yousuf Khan
wrote: I've already rerouted everything in my own router configuration through 1.1.1.1 and Google DNS, so my ISP's DNS will never see any of my requests from any of my devices inside my network. I don't need Mozilla to decide for me where to route my DNS. dns isn't encrypted, so yes they can see the queries, however, if you use doh to cloudflare, then they won't be able to. |
#34
|
|||
|
|||
Firefox secure DNS?
I don't think he's using anything as crude as an app running on his
device. I think he's running a VPN client in his router. -- Brian Gregory (in England). |
#35
|
|||
|
|||
Firefox secure DNS?
On 6/3/2020 5:11 PM, Stan Brown wrote:
On Wed, 3 Jun 2020 12:52:30 -0400, Yousuf Khan wrote: I know that it seems ironic to trust anything provided by Google as safe for privacy, but the Google DNS server is just a standard DNS server. When you access it, you don't have to login to it, so there's no identifiable information about you to access this server. Well, there's your IP address, isn't there? That's what the VPN is there for. Yousuf Khan |
#36
|
|||
|
|||
Firefox secure DNS?
In article , Yousuf Khan
wrote: I know that it seems ironic to trust anything provided by Google as safe for privacy, but the Google DNS server is just a standard DNS server. When you access it, you don't have to login to it, so there's no identifiable information about you to access this server. Well, there's your IP address, isn't there? That's what the VPN is there for. that just means you have a different ip address than you otherwise would have. you're still trackable, and the ip address isn't even that important anyway, since it often changes without a vpn. |
#37
|
|||
|
|||
Firefox secure DNS?
On 6/3/2020 11:19 PM, nospam wrote:
In , Yousuf Khan wrote: Well, there's your IP address, isn't there? That's what the VPN is there for. that just means you have a different ip address than you otherwise would have. you're still trackable, and the ip address isn't even that important anyway, since it often changes without a vpn. Well if you're going to be going into that level of pedantry, then nothing is secure, and everything is traceable. But the fact of the matter is that between the VPN server and your IP address there is a wall of encryption. Without breaking through that encryption, you can't tell what the true IP address is behind the VPN. Also dozens of people are using the same VPN IP address at the same time, there's no way to tell which actual IP address is doing what through that VPN IP. Yousuf Khan |
#38
|
|||
|
|||
Firefox secure DNS?
On 04/06/2020 01.16, nospam wrote:
In article , Carlos E.R. wrote: Nope. Me and many people I know changed it for speed. unless your dns is extremely slow, it's nothing you'll ever notice since the time to connect and transfer data from whatever you're connecting to will be the bottleneck. Nope. The bottleneck was the modem. Even today, there are default DNS servers out there that are slow to respond, so that replacing with a local LAN server makes sense. if it was slow enough to be noticeable, then it was misconfigured and should not be used. that is also very rare. No, it was not misconfigured on the client side. And no, it was not rare. slow dns to where it's noticeable is very rare. obviously, if something is misconfigured or otherwise not working properly, people will switch to something that is, but that's not the normal case. As I demonstrated, response time was 0.1 second for openDNS. This instant I tested google own server: time host google.es 8.8.8.8 .... real 0m0.309s That is 0.3 seconds to respond, and that is slow. It is just a fact. No misconfiguration whatsoever. With my own setup, I reduce that time between 3 and 20 times. -- Cheers, Carlos E.R. |
#39
|
|||
|
|||
Firefox secure DNS?
In article , Yousuf Khan
wrote: Well, there's your IP address, isn't there? That's what the VPN is there for. that just means you have a different ip address than you otherwise would have. you're still trackable, and the ip address isn't even that important anyway, since it often changes without a vpn. Well if you're going to be going into that level of pedantry, then nothing is secure, and everything is traceable. that's correct, and it's not pedantry. it's the reality of the modern day internet. But the fact of the matter is that between the VPN server and your IP address there is a wall of encryption. all that means is that your isp can't see what you're doing. the vpn provider is able to see what sites you're visiting and some of them will track you and monetize that, notably free vpns. the question becomes whom do you trust more, your isp or a random vpn provider with a fancy website (which is trivial to set up) ? Without breaking through that encryption, you can't tell what the true IP address is behind the VPN. there are ways to determine it without breaking encryption, but that doesn't actually matter. Also dozens of people are using the same VPN IP address at the same time, there's no way to tell which actual IP address is doing what through that VPN IP. that also doesn't matter. an ip address is not the only factor in tracking users. in fact, it's fairly minor since an ip address can change as people connect from different places, including work, home, school, public wifi at a coffeeshop and via cellular on a mobile device. also, isps usually provide dynamic ip addresses, and although the lease time is typically long, it can (and eventually will) change. there often are multiple people in a home or workplace, all connecting via the same ip address but visiting different sites and tracked separately. large businesses might have a block of ip addresses, but that doesn't really change anything. |
#40
|
|||
|
|||
Firefox secure DNS?
In article , Carlos E. R.
wrote: That is 0.3 seconds to respond, and that is slow. It is just a fact. No misconfiguration whatsoever. it's slower than other dns servers, but in the grand scheme of things, it's not going to be noticeable when the sites take much longer to load. for example, https://www.theverge.com takes a couple of seconds to load (and i'm on a very high speed link). a difference of 300ms isn't going to matter. granted, theverge is among the slower sites, but not significantly so. modern web sites have lots of graphics and javascript and do not render immediately. even lightweight sites still have to send a fair amount of data. another example are file downloads. i just downloaded a file that took about 20 seconds to complete. an extra 300ms would not be noticeable, especially since it was downloading in the background. |
#41
|
|||
|
|||
Firefox secure DNS?
On 6/3/20 7:23 PM, Yousuf Khan wrote:
[snip] I've already rerouted everything in my own router configuration through 1.1.1.1 and Google DNS, so my ISP's DNS will never see any of my requests from any of my devices inside my network. I don't need Mozilla to decide for me where to route my DNS. Â*Â*Â*Â*Yousuf Khan I do that too. Also, the ISPs DNS does not return an error when it should, it returns a junk page instead (with a mess in the address bar). The ISP doesn't see your DNS requests, but it looks like that wouldn't really matter since it DOES see the page requests. -- Mark Lloyd http://notstupid.us/ "I know I believe in nothing but it is my nothing" |
#42
|
|||
|
|||
Firefox secure DNS?
In article , Mark Lloyd
wrote: Also, the ISPs DNS does not return an error when it should, it returns a junk page instead (with a mess in the address bar). which is in technically not allowed. |
#43
|
|||
|
|||
Firefox secure DNS?
On 04/06/2020 15.22, nospam wrote:
In article , Carlos E. R. wrote: That is 0.3 seconds to respond, and that is slow. It is just a fact. No misconfiguration whatsoever. it's slower than other dns servers, but in the grand scheme of things, it's not going to be noticeable when the sites take much longer to load. for example, https://www.theverge.com takes a couple of seconds to load (and i'm on a very high speed link). a difference of 300ms isn't going to matter. It matters when you consider that loading a page may mean connecting to a hundred different hosts. The point is, many of us in a position to create and use our own DNS server did so, and I know because I helped many to do so. To us, the issue was speed, not security - google was not even known at the time. Today it matters less, but to us it still matters, and we still create our DNS server, or at least, a cache server. This minute I am at a remote place connected via thetering to a phone that doesn't even get 4G, so it is slow and it matters those tiny bits I can squeeze. The point is, don't assume that the only reason for not using default DNS servers is security. Or rather, privacy. There are other reasons to other people. granted, theverge is among the slower sites, but not significantly so. modern web sites have lots of graphics and javascript and do not render immediately. even lightweight sites still have to send a fair amount of data. another example are file downloads. i just downloaded a file that took about 20 seconds to complete. an extra 300ms would not be noticeable, especially since it was downloading in the background. Of course. -- Cheers, Carlos E.R. |
#44
|
|||
|
|||
Firefox secure DNS?
On 04/06/2020 18.16, nospam wrote:
In article , Mark Lloyd wrote: Also, the ISPs DNS does not return an error when it should, it returns a junk page instead (with a mess in the address bar). which is in technically not allowed. It is broken. Disgusting practice. Creates havoc with other services that are not html, which try to connect, say, to the wrong IMAP server and not knowing about the error. Change DNS provider. -- Cheers, Carlos E.R. |
#45
|
|||
|
|||
Firefox secure DNS?
On 6/4/2020 12:10 PM, Mark Lloyd wrote:
On 6/3/20 7:23 PM, Yousuf Khan wrote: [snip] I've already rerouted everything in my own router configuration through 1.1.1.1 and Google DNS, so my ISP's DNS will never see any of my requests from any of my devices inside my network. I don't need Mozilla to decide for me where to route my DNS. Â*Â*Â*Â*Â*Yousuf Khan I do that too. Also, the ISPs DNS does not return an error when it should, it returns a junk page instead (with a mess in the address bar). The ISP doesn't see your DNS requests, but it looks like that wouldn't really matter since it DOES see the page requests. Again, as I've said elsewhere, it won't even see the page requests, as I am using a VPN most times. I let it see the page requests, if I decide to purposefully bring down the VPN, but that's about it. I would only do that because a few sites are getting wise to VPN's, and they block VPN's. Yousuf Khan |
Thread Tools | |
Display Modes | Rate This Thread |
|
|