I read a bit about using a different DNS for Privacy and I think the best one should be quad9? Or is there anything better except self hosting a DNS?

  • nachtigall@feddit.de
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    22
    ·
    1 year ago

    The one from your ISP. Your ISP can see your traffic anyway, so you gain nothing by using a third-party DNS server.

      • nachtigall@feddit.de
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        1 year ago

        Okay, maybe I got the question wrong. If you care about content blocking, then you are right (though I’d prefer self-hosted resolvers like pi-hole or AdGuard Home over third party resolvers).

    • fatcat@discuss.tchncs.deOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      As far as I read (I’m no expert!) they could check the SNI of the TLS handshake if they want. But using the DNS of the ISP is handing them the data right in a way they can analyze/use them very easily afaik?

      Still learning about this topic!

      • nachtigall@feddit.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        In the end it comes down to what your goals is. DOH indeed hides DNS queries from sniffers and your ISP, but the traffic between you and your destination is still visible for the ISP (unless you use a VPN or TOR).

        If you only care about the content blocking aspect a third party resolver may make sense as @[email protected] explained below.

        • Engywuck@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Yes, my question was just referred to DNS queries. Thank you for your reply.