• 0 Posts
  • 35 Comments
Joined 1 year ago
Cake day: July 6th, 2023




  • Looks like my answer wasn’t saved, great…

    Anyway, sorry for not reading all of that, but I’ll make it short and stop discussing because I feel like this is leading nowhere.

    Unless you’re using hyperlocal and cover all TLDs and wanna browse the internet there’s technically no way around but to use an online DNS server. So coming back to the privacy aspect of this topic the question is: Which one do you trust?


  • tl;dr: Cut out Cloudflare’s recursive resolver (or anyone else’s) and run your own via PiHole and Unbound.

    Tell me you didn’t read the article without telling me you didn’t read the article. Let me point out the relevant part for you:
    “A recursive resolver (also known as a DNS recursor) is the first stop in a DNS query. The recursive resolver acts as a middleman between a client and a DNS nameserver. After receiving a DNS query from a web client, a recursive resolver will either respond with cached data, or send a request to a root nameserver, […]”

    See that last part with “or send a request to a root nameserver”? That is the DNS server on the internet your Unbound DNS server will ask if it doesn’t have the answer cached for you already.

    Umm, Unbound is on your machine. So you’re saying you are your own middle man lol…

    Exactly! Since the Unbound DNS server is your server you created your middle man server yourself. “middle man” has a very negative taste but in this case it really isn’t bad at all.

    It asks the authoritative nameservers, which is who external DNS servers ask. By using Unbound, you are cutting out those external DNS servers, because you/Unbound is the DNS server. You are asking the authoritative name server directly instead of inserting someone else to ask on your behalf.

    Okay, so you get it but you don’t get it fully. Again: Your Unbound DNS server can’t magically know which IPs are behind a domain name. So what does it do? It asks a DNS server on the internet because they know the answer. When your Unbound DNS server got the answer it then tells your computer.

    Unbound (your machine) is asking the DNS nameserver.

    YES! And where do you think is the DNS server Unbound asks if it doesn’t know the answer because it’s not cached yet? It’s some server on the internet.

    You’re saying you are your own middleman lol.

    I said you create your own middle man. Unbound is your middle man in this case because you make it look up the IPs behind the domains and it tells your computer these IPs then.

    Instead of:
    <Client> --> asks --> <DNS server on the internet> --> answers --> <Client>
    You do:
    <Client> --> asks --> <Unbound DNS (the middle man)> --> asks --> <DNS server on the internet> --> answers --> <Unbound DNS (the middle man)> --> answers --> <Client>
    Let me say it again: Your Unbound DNS server being the middle man isn’t a bad thing so please don’t think “middle man” is always a negative term.

    I’m saying cut out Cloudflare’s recursive resolver and run your own via PiHole and Unbound.

    I just linked Cloudflare’s article about it because they explain it well. Doesn’t mean one must use Cloudflare’s DNS servers.

    Did you read the article I linked?

    Yes, I did. But I knew what a recursive resolver is before I checked the link because I’m a professional IT administrator and I know how DNS works. It’s part of my job.
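
A toy model of the lookup path argued over in the comment above, added here as an illustration and not part of the original comment. The zone data, server names, class name and the 192.0.2.10 address are constructed; the point is to show which servers on the internet a self-hosted recursive resolver still has to contact, and that a cached answer contacts none.

```python
# Constructed delegation tree: each "server on the internet" either refers the
# resolver onward (referrals) or holds the final record (answers).
SERVERS = {
    "root":           {"referrals": {"org.": "org-tld"}},
    "org-tld":        {"referrals": {"example.org.": "ns.example.org"}},
    "ns.example.org": {"answers": {"www.example.org.": "192.0.2.10"}},
}


def in_zone(name, zone):
    """True if name is the zone itself or sits below it on a label boundary."""
    return name == zone or name.endswith("." + zone)


class RecursiveResolver:
    """Stands in for a self-hosted resolver such as Unbound (hypothetical model)."""

    def __init__(self, servers):
        self.servers = servers
        self.cache = {}

    def resolve(self, name):
        """Return (answer, upstream servers contacted for this lookup)."""
        if name in self.cache:
            return self.cache[name], []          # answered locally, nobody asked
        contacted, server = [], "root"
        while True:
            contacted.append(server)             # this server sees a query from us
            data = self.servers[server]
            if name in data.get("answers", {}):
                self.cache[name] = data["answers"][name]
                return self.cache[name], contacted
            zones = [z for z in data.get("referrals", {}) if in_zone(name, z)]
            if not zones:
                return None, contacted           # no delegation: name does not exist
            # Follow the most specific (longest) matching delegation.
            server = data["referrals"][max(zones, key=len)]


if __name__ == "__main__":
    r = RecursiveResolver(SERVERS)
    print(r.resolve("www.example.org."))  # first lookup walks the delegation chain
    print(r.resolve("www.example.org."))  # second lookup is served from cache
```
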













  • Sadly Plex collects some data about its users. I remember opting out of some telemetry stuff but I can’t remember where that was. If you want a self-hosted streaming service like Plex that completely respects your privacy, Jellyfin is what you’re looking for. I tried it and it’s okay but not as good as Plex imo. But if your main focus is privacy then you should definitely check it out. It’s FOSS.

    Edit:
    I found where I had to opt out of some data collection for Plex. Open this site, scroll halfway down the page. You’ll see two checkboxes for “Send playback data to Plex” and “Advertising Consent”.


  • Sounds like it's pretty much the same as NextDNS this way. Did you ever use NextDNS? If the answer is yes: What made you go with RethinkDNS over NextDNS?

    Edit: I just checked it out since it's free. It's probably great in combination with their app but without the app you lack a custom white- and blacklist and a query log. Means if you don't wanna use the app then you can just manage your filter lists but that's it. And there's only an app for Android so it's not very attractive to use on non-Android devices.


  • I used Pi-hole and AdGuard Home but they of course only work in your home LAN. So I switched to NextDNS and I’m happy (but not very happy) with it. Their DNS servers are fast and I can choose the blocklists to use myself. It also has a white- and blacklist. And the best part is that I don’t need an app on my phone to use it.
    The only thing that bugs me is (feature) updates. I’ve been using it for about a year now and I think nothing has changed this entire time. Also they still offer the Energized blocklists which have been dead for over a year now. It feels like the devs don’t care much about their product as long as it keeps running and people pay for it which is sad.