Cloudflare’s DNS 1.1.1.1 Promises to Increase Privacy and Internet Speed

in #dns7 years ago



DNS



Domain Name System (DNS) servers are integral to the functionality of the internet. All internet IP addresses are found using DNS which basically translates human input in the form of an URL and translates the information into the corresponding numerical address directing us to the desired website.


For instance, when you try to connect to a website such as Steemit.com, your device needs to know which server to connect to so that it can load the application. Since computers are not able to directly translate a human input name and determine the proper address, your device queries a specialized server in order to perform the task, known as a DNS recursive resolver. A DNS server keeps a directory of domain names and translates them to IPs, a sort of internet rolodex.

DNS-rev-1.gif

Howstuffworks.com

Generally speaking, this service is provided automatically by an Internet Service Provider (ISP) and is not often on the average person's radar. Yet some users prefer to use a DNS resolver such as Google Public DNS which provides faster connections and are more secure than the default DNS provided by an ISP.

Since the default DNS services provided by ISPs are often slow and insecure, most people rely on alternative DNS providers—such as OpenDNS (208.67.222.222), Comodo DNS (8.26.56.26) and Google (8.8.8.8), to speed up their Internet.

The Hacker News


Cloudflare's DNS 1.1.1.1


Cloudflare has released a new DNS service that, it says, increases internet speed while also enhancing online privacy by making it more difficult for ISPs to trace your browsing history.

By using Cloudflare's DNS service the company claims that your device(s) will be able to sort domain names at an extremely high speed of 14.8 milliseconds much faster than the competition.

From Cloudflare's website:

Unfortunately, by default, DNS is usually slow and insecure. Your ISP, and anyone else listening in on the Internet, can see every site you visit and every app you use — even if their content is encrypted. Creepily, some DNS providers sell data about your Internet activity or use it target you with ads. Cloudflare, in partnership with APNIC, runs 1.1.1.1, a recursive DNS service that values user privacy.

Cloudflare.com

The company maintains that privacy is the top priority stating that -

• Cloudflare will never sell your data or use it to target ads. Period.
• Cloudflare will not retain any personal data / personally identifiable information, including information about the client IP and client port.

The company also pledges that any data that is collected will be destroyed after 24 hrs.

However, the website also states that it will be working in conjunction with another company, Asian based APNIC.

Ironically for a project predicated on privacy, Cloudflare is sharing DNS query data with APNIC Labs, a part of Asian registry APNIC, in exchange for the use of its 1.1.1.1 network address. The regional internet registry insists it wants to better understand the technical intricacies of DNS, in order to mitigate denial-of-service attacks and to optimize server communication.

theregister.co.uk

APNICS and Cloudflare have entered into a partnership agreement for the next 5 years. The company has reiterated Cloudflare's pledge to destroy all data within 24hrs, but 'after' conducting statistical data analysis. They also stress that they're keenly aware of just how sensitive Cloudflare's DNS data is and will be vigilant to prevent any data leaks. Data sharing with APNIC has some wondering why just how private DNS 1.1.1.1 really is.

DNS Over HTTPS



sucuri.net


For increased security, it's possible to use DNS over HTTPS endpoint rather than sending DNS queries over plaintext. One of the main reasons for doing so is that even while using HTTPS to visit a website your DNS query is sent over an unencrypted connection. Therefore, anyone listening to packets on the network will be aware of which website you're trying to connect to.

According to Cloudflare, another issue with unencrypted DNS is

it is easy for a Man-In-The-Middle to change DNS answers to route unsuspecting visitors to their phishing, malware or surveillance site. DNSSEC solves this problem as well by providing a mechanism to check the validity of a DNS answer, but only a single-digit percentage of domains use DNSSEC.

Therefore, Cloudflare's DNS 1.1.1.1, which offers DNS over HTTPS, aims to mitigate these problems by providing this free service.

A Broader View


We all would like greater speed and privacy from our online experience and this is a simple and free way to do so. How private Cloudflare's service will be is still anyone's guess.

Back in 2009 when Google launched their Public DNS 8.8.8.8, the company made a lot of similar promises to what Cloudflare is championing today. The tech giant assured us that our privacy was of paramount concern with several caveats. Google's Public DNS did track a users IP address, but according to Google only for 24hrs. Google also sated that in no way would a user's DNS data be tied to their Gmail or Google accounts in anyway or shared with a third party provider.

google_dns_2.jpeg

Nevertheless Google does retain a certain amount of 'technical data'.

Your location: yes. Google says it permanently stores "metro-level" info on your whereabouts for the purpose of debugging and improving the Google Public DNS experience. Most of this information is held for two weeks, Google says, though a "small subset" is sampled for permanent storage. The company promises that it never ties the location data to any other information collected from your session.

The Web sites you look up: yes. But again, Google says that information is not stored along with any data that would identify who you are.

I think Google's assurances must be taken with a few heaping grains of salt.

As we have seen with Facebook recently and the data-mining conducted by Cambridge Analytics, when giant corporations offer services for free there must be a catch. To believe that Google is not siphoning from the massive cache of data passing through it's systems every second is most certainly a naive perspective. Nothing is free.

"You have to remember they are also the largest advertising and redirection company on the Internet"

PC World

Google is not simply providing free services for the good of the internet, they likely amass a vast amount of data they sift through in order to increase the effectiveness of digital advertising.

That being said, the type of service that Cloudflare's DNS aims to improve upon are much sought after as in early 2017 the US Senate passed legislation overturning measures preventing ISPs from collecting data from US citizens. This new legislation made it legal for ISPs to collect and sell your internet data.

I guess the conclusion here might be that Cloudflare’s product does increase user privacy, at least in comparison to Google.

I’m not recommending Cloudflare’s service, I’m no techy, but I’m letting you know about this fresh option being made available on the market. Of course, do your own research as there are now numerous public and private DNS services to choose from.

At any rate, DNS 1.1.1.1 is certainly an improvement over a default DNS provided by your ISP… and it’s NOT Google.


How to get started with DNS 1.1.1.1


Cloudflares website includes step-by-step instructions on how to set up and configure DNS 1.1.1.1 for multiple devices including gaming consoles.

  • Android
  • Iphone
  • MacOS
  • Windows
  • Linux
  • Router
  • Gaming Console

Setting up DNS 1.1.1.1

For example, setting up the service for MACs is relatively painless.

  • Open System Preferences.
  • Search for DNS Servers and tap it.
  • Click the + button to add a DNS Server and enter 1.1.1.1 and 1.0.0.1 (for redundancy).
  • Click Ok and then Apply.

Additional Sources


developers.cloudflare.com

Arstechnica



Sort:  

Your Post Has Been Featured on @Resteemable!
Feature any Steemit post using resteemit.com!
How It Works:
1. Take Any Steemit URL
2. Erase https://
3. Type re
Get Featured Instantly & Featured Posts are voted every 2.4hrs
Join the Curation Team Here | Vote Resteemable for Witness

Coin Marketplace

STEEM 0.20
TRX 0.25
JST 0.037
BTC 97184.44
ETH 3434.21
USDT 1.00
SBD 3.07