DNS privacy: Use a DNS provider that doesn’t track you

Many ISPs and other DNS providers are slow or inject ads, track you, hijack DNS queries or do other nasty stuff. To mitigate this, you should use a fast, reliable and free service that respects your DNS privacy.

To use a fast and free – as in cost and censorship-free – DNS provider that doesn’t track you, many people recommend using Google’s DNS servers. However, Google Public DNS permanently logs your ISP and location information for analysis. Your IP address is also stored for 24 hours.

Since Google’s primary business model is to sell targeted ads, it makes sense that your privacy isn’t their primary concern. It shouldn’t be a shock to anyone if they use data collected from a service provided free of charge to fuel their bank account.

When it comes to services like this, you have to find someone you trust. There is no accountability, as you can’t exactly get access to their backend services to verify that there is no logging. However, if they have a data breach or hire an honest employee, the world will know and their reputation will be destroyed forever. The internet never forgets.

A provider that gives you DNS privacy

DNS.WATCH is a service that exists because the people behind it claims that they believe in freedom of information. What they provide is a fast, free and uncensored DNS service where the resolvers are configured to not log any queries.

No censorship. No Bullshit. Just DNS.

~ DNS.WATCH

So what’s their business model? Where’s the catch?

They’re not a business and doesn’t have anything to sell. Their costs are covered by sponsors and donations. They are not running an ad network. There is no DNS hijacking or any other humbug.

We’re not interested in shady deals with your data. You own it. We’re not a big corporation and don’t have to participate in shady deals. We’re not running any ad network or anything else where your DNS queries could be of interest for us. Other providers do.

The technical details

These are their DNS servers, as provided on the DNS.WATCH website. They have DNSSEC enabled, they don’t do any logging, and they can be used free of charge. Oh, and in my experience, they are very fast too!

resolver1

IPv4: 84.200.69.80
IPv6: 2001:1608:10:25::1c04:b12f

FQDN: resolver1.dns.watch
Explicit v6 FQDN: resolver1v6.dns.watch

resolver2

IPv4: 84.200.70.40
IPv6: 2001:1608:10:25::9249:d69b

FQDN: resolver2.dns.watch
Explicit v6 FQDN: resolver2v6.dns.watch

If you need any help on setting up your computer to use these resolvers, they have handy howtos for changing DNS resolvers here.

There are 3 comments

I love comments that bring new insights, shares ideas and experiences, and most of all: corrects my mistakes. For support questions, there are other fora, like Stack Overflow, Server Fault and the WordPress support forum.

Your email address will not be published. Required fields are marked *