I read a bit about using a different DNS for privacy and I think the best one should be Quad9? Or is there anything better except self-hosting a DNS?

  • nachtigall@feddit.de
    1 year ago

    The one from your ISP. Your ISP can see your traffic anyway, so you gain nothing by using a third-party DNS server.

    • CrazyClown@lemmy.ca
      1 year ago

      That’s not true at all. If you’re after the fastest DNS for loading / response times then the ISP DNS would be ideal. For privacy you’d want one that can offer ad and tracking protection like NextDNS.

      • nachtigall@feddit.de
        1 year ago

        Okay, maybe I got the question wrong. If you care about content blocking, then you are right (though I’d prefer self-hosted resolvers like pi-hole or AdGuard Home over third-party resolvers).

        • CrazyClown@lemmy.ca
          1 year ago

          You can use pihole as your main resolver and NextDNS as your downstream resolver as well for layered protection. That’s what I do. Works well. NextDNS is free protection up to 300,000 queries a month. If you go over it just acts like any regular resolver. The paid plan is inexpensive too.

    • fatcat@discuss.tchncs.de (OP)
      1 year ago

      As far as I read (I’m no expert!) they could check the SNI of the TLS handshake if they want. But using the DNS of the ISP is handing them the data right in a way they can analyze/use them very easily afaik?

      Still learning about this topic!