Author Topic: Cloudflare DNS 1.1.1.1  (Read 5436 times)

0 Members and 1 Guest are viewing this topic.

Offline Charyb

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2283
Cloudflare DNS 1.1.1.1
« on: August 11, 2018, 06:13:09 PM »
I have started using this and so far so good. I hope the privacy claim is legit.

Quote from: blog.cloudflare.com
Announcing 1.1.1.1: the fastest, privacy-first consumer DNS service


Cloudflare's mission is to help build a better Internet. We're excited today to take another step toward that mission with the launch of 1.1.1.1 — the Internet's fastest, privacy-first consumer DNS service. This post will talk a little about what that is and a lot about why we decided to do it. (If you're interested in the technical details on how we built the service, check out Ólafur Guðmundsson's accompanying post.)


https://blog.cloudflare.com/announcing-1111/

How to install (IPv4 and IPv6): https://1.1.1.1/
« Last Edit: August 11, 2018, 06:28:48 PM by Chili Dog »

Offline alanb

  • Sr. Member
  • ****
  • Posts: 341
Re: Cloudflare DNS 1.1.1.1
« Reply #1 on: August 12, 2018, 12:57:32 AM »
The privacy policy is at least as good as anyone else's ;)

I've been using it for a long while

Coincidentally, I have been testing the response times throughout today (always looking for something faster) and thus far Cloudflare still comes out fastest.

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31545
  • malware fighter
Re: Cloudflare DNS 1.1.1.1
« Reply #2 on: August 12, 2018, 02:49:37 PM »
They all keep temporary and permanent logs, as that is demanded by law at least in the USA and many places elsewhere.
10% are on Google DNS and they keep all your logs at least for 48 hours at and all of your private browser metadata permanently.

So what is wrong with using the DNS of your router at home and use a nice dns-proxy with block-listing all sorts.

Use a DNS Query Sniffer to see what and where all DNS queries resolve?
Still problems with Microsoft IPv6 probes mainly. Check here: https://www.nexcess.net/resources/tools/global-dns-checker/
Don't take the world around you for granted, make up your own mind.  ;)

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Charyb

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2283
Re: Cloudflare DNS 1.1.1.1
« Reply #3 on: August 13, 2018, 08:30:45 PM »

This shows that they do not sell data to third parties or share your ip address and that data is deleted within 24 hours with the exception of telemetry data.


https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/privacy-policy/

Quote from: cloudflare
Cloudflare will not retain or sell or transfer to any third party (except as described in the section below and as may be required by law) any personal information, IP addresses or other user identifiers from the DNS queries sent to the Cloudflare Resolver;


Cloudflare will not combine the data that it collects from DNS queries, with any other Cloudflare or third party data in any way that can be used to identify individual end users; and


Cloudflare will not sell, license, sublicense, or grant any rights to your data that we collect from DNS queries to any other person or entity without your consent. For additional information on Cloudflare’s information-sharing policies, please see our Privacy Policy.


Quote from: cloudflare
Except for the three DNS query types discussed below, all of the log information above will be deleted within 24 hours of Cloudflare’s receipt of such information.
« Last Edit: August 13, 2018, 08:37:43 PM by Chili Dog »

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31545
  • malware fighter
Re: Cloudflare DNS 1.1.1.1
« Reply #4 on: August 14, 2018, 01:12:41 PM »
No comments on 80.80.80.80 and/or 80.80.81.81

All Big Tech parties are all into it (tracking and monitoring all your moves online). Informative example:
https://abcnews.go.com/Technology/wireStory/ap-exclusive-google-tracks-movements-57147837

Your data will be used and shared with Commerce and Big Gubberment, whether you agreed to it or not.

Said that, there is no benefit from not using your own ISP's DNS servers (except when using a VPN).
Providers with Bind DNS servers do not log DNS queries per default.
Third party DNS is not cool it is for dumbed down uninformed folks.

You are well informed when you have read this far. Test here: https://en.internet.nl/connection/cb0dcbabe3b04ec196e27c4913d1b24d/results

To be better informed on Surveillance Self Defense: https://ssd.eff.org/
Don't panick as we all sort of had/have to come and live under it.  ;)

polonus
« Last Edit: August 14, 2018, 04:34:34 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Charyb

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2283
Re: Cloudflare DNS 1.1.1.1
« Reply #5 on: August 14, 2018, 05:23:59 PM »
You posted several links but nothing about Cloudflare DNS. The topic is Cloudflare, not Google, Freenom, or any other. Do you have specific evidence showing Cloudflare's claims are deceitful?
« Last Edit: August 14, 2018, 05:51:17 PM by Chili Dog »

Offline Charyb

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2283
Re: Cloudflare DNS 1.1.1.1
« Reply #6 on: August 14, 2018, 05:58:47 PM »

No comments on 80.80.80.80 and/or 80.80.81.81

and

Said that, there is no benefit from not using your own ISP's DNS servers (except when using a VPN).
Providers with Bind DNS servers do not log DNS queries per default.
Third party DNS is not cool it is for dumbed down uninformed folks.


From 80.80.80.80 Freenom located in the FAQ section. http://www.freenom.world/en/faq.html
Quote from: Freenom
Most DNS resolvers are with internet service providers (ISP's). Most ISP's are very good in providing access to the internet (routing) but lack the system management capabilities to offer a fast and secure DNS resolver service. Most of these resolvers are outdated. Large advertisement networks offer DNS resolving services as well - but these DNS resolvers may record information about your internet usage to optimize any advertisements shown to you. So don't wait any longer and change your DNS to 80.80.80.80 and 80.80.81.81.
Freenom states that ISP's lack the system management skill to offer fast and secure DNS resolver service. This is in contrast to your comment, "there is no benefit from not using your own ISP's DNS servers."
« Last Edit: August 14, 2018, 06:32:45 PM by Chili Dog »

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31545
  • malware fighter
Re: Cloudflare DNS 1.1.1.1
« Reply #7 on: August 15, 2018, 01:36:22 PM »
Hi UncleFester,

Known issues while quite some users and even platforms eventually steered away from CloudFlare's as a CDN:
https://www.theregister.co.uk/2018/04/03/cloudflare_dns_privacy/

I know the differences in how end-users think about loss of privacy in USA and old continental Europe, but it is not only that,
also in comes an issue of "Trust".  Take this report with a pinch of salt, but as always whenever there is smoke .....
https://www.reviewhell.com/blog/cloudflare-makes-websites-slower/ (Biased visions, atroturfing, etc.?)

This Dutch site was hosted via CloudFlare once and steered away because of critique: https://www.security.nl

You do not have to agree with me, it is not my personal view, I just report links to info on that subject.
Please feel free to debunk.

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

P.S. For the paranoid: There's a Raspberry Pi project for that, complete with possible drawbacks, e.g. malicious exit nodes.
https://github.com/pi-hole/pi-hole/wiki/DNS-over-Tor


« Last Edit: August 15, 2018, 01:57:19 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!