Privacytools.io: Add non-OPENNIC DNS resolvers?
Currently only OpenNIC is supported and they don't have any DoH servers that Firefox (or issue #785) would need. Should more DNS providers be added so there would be something which Firefox TRR instructions could link to?
I guess the DNS page would also need VPN-style warnings and I fear this could possibly promote centralization. Maybe there would be a big warning on hosting your own at first and suggestions for software to do it?
- [ ] DNS.watch suggested in https://github.com/privacytoolsIO/privacytools.io/issues/513 (public resolver)
- [ ] Quad9 non-profit and OK looking privacy policy (public resolver) (warning: malicious domain filtering)
- [ ] AdGuard DNS, for-profit, but OK looking privacy policy, however Cloudflare and blocked bbc.com yesterday or so, not-14-eyes (public resolver with adblocking (warning: you don't control the blacklist))
- edit: AdGuard DNS is also missing DNSSEC support which would prevent the DNS server from lying, but I guess the point of AdGuard DNS is to lie especially about advertising domains, but I guess there should be a warning about missing DNSSEC regardless in addition to not controlling the blacklist.
[ ] https://blahdns.com/ mentioned in #785 (public resolver)
EDIT: DNS server software moved to #1055
Mikaela
All 7 comments
Should more DNS providers be added so there would be something which Firefox TRR instructions could link to?
I really like this idea :+1:
nitrohorse
on 14 Jul 2019
There's a trend by some privacy aware people that goes like this: are you afraid that someone will monitor you? So, use a service from another country or a different continent to cover you up. This is a statement that's highly valued for VPN users and torrent users that get seedboxes in far-away countries. I follow this trend for my DNS and Mail. I live in central europe and both my DNS and Mail are located in eastern europe.
For DNS, one could have a look at https://www.grc.com/dns/benchmark.htm if speed is a problem (but most of the time it is not).
Atavic
on 21 Jul 2019
I think distant DNS may be a problem for CDN and thus average users. In case of Finland the situation is going to be the opposite with preferring foreign DNS as if the DNS traffic crossed borders, it would be free for mass surveillance to monitor. Here I however assume that DNSCrypt/DoT/DoH is not being used (and it may not matter that much anyway as #785 is still there to shout SNIs in plaintext in most of cases).
Mikaela
on 21 Jul 2019
Is there a limit that the section can only contain three recommended or can more be added? Should the DNS servers be visible on top or put to Worth Mentioning? I would be happy with worth mentioning as it would be less work, but would that be weird to link to from the Firefox page?
https://github.com/privacytoolsIO/privacytools.io/issues/785#issuecomment-514514909 bumbed me on this.
Oh and should there be a note on Quad9 that it has been founded by law enforcement which concerns some people on Reddit?
Mikaela
on 24 Jul 2019
Mikaela: I think ideally we would switch sections to cardv2.html like how browser addons are currently setup which would allow us to recommend more than 3 as needed without messing up the layout.
Says @JonahAragon
Mikaela
on 24 Jul 2019
I kind of like how the current XMPP section is done, could I copy that kind of layout for this?
Mikaela
on 25 Jul 2019
DNS.watch is missing DoT/DoH, so I am excluding it from my upcoming PR.
Mikaela
on 25 Jul 2019
Related issues
BurungHantu1605
路
46Comments
lrq3000
路
63Comments
ghost
路
40Comments
Nic-Wow1
路
54Comments
Mikaela
路
42Comments
Most helpful comment
I really like this idea :+1: