Stories
Slash Boxes
Comments

SoylentNews is people

posted by chromas on Monday April 02 2018, @10:23PM   Printer-friendly
from the send-us-all-your-privates dept.

On April Fool's Day and Easter Sunday, Cloudflare launched a new "privacy-oriented" domain name system (DNS) service with two IP addresses: 1.1.1.1 and 1.0.0.1. These addresses were offered by the Asia-Pacific Network Information Centre (APNIC) in exchange for allowing APNIC to study the "garbage traffic" often sent to them. The service supports both DNS-over-TLS and DNS-over-HTTPS, and DNSPerf currently ranks 1.1.1.1 as the fastest consumer DNS resolver:

Cloudflare is launching its own consumer DNS service today, on April Fools' Day, that promises to speed up your internet connection and help keep it private. The service is using https://1.1.1.1, and it's not a joke but an actual DNS resolver that anyone can use. Cloudflare claims it will be "the Internet's fastest, privacy-first consumer DNS service." While OpenDNS and Google DNS both exist, Cloudflare is focusing heavily on the privacy aspect of its own DNS service with a promise to wipe all logs of DNS queries within 24 hours.

DNS services are typically provided by internet service providers to resolve a domain name like Google.com into a real IP address that routers and switches understand. It's an essential part of the internet, but DNS servers provided by ISPs are often slow and unreliable. ISPs or any Wi-Fi network you connect to can also use DNS servers to identify all sites that are visited, which presents privacy problems. DNS also played an important role in helping Turkish citizens avoid a Twitter ban.

Also at VentureBeat and Engadget.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Informative) by zocalo on Tuesday April 03 2018, @06:49AM

    by zocalo (302) on Tuesday April 03 2018, @06:49AM (#661844)
    Cisco in particular got a fair bit of notoriety for this in certain circles when 1.0.0.0/8 was first allocated for use (and were already getting some flack for it before then), but they're not the only one. There are an *awful* lot of coffee shop and hotel chains - including some quite large international franchises - that use 1.1.1.1 as a captive portal address for the login/logout page of their free WiFi services, so presumably there's some kind of turnkey solution that was (is still being?) deployed in this space. No way they're going to be going back around all those customers (many of which are probably out of support) to reconfigure them, and since these are not the kinds of places that have on-site IT the chances of any patches being applied - assuming they're even made available - that are not picked up by an auto-update script is probably close to zero. If you're in the habit of using a lot of free WiFi services, then I'd suggest that's another pretty good reason for being wary of using Cloudflare's DNS - on top of all the other privacy related ones.
    --
    UNIX? They're not even circumcised! Savages!
    Starting Score:    1  point
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4