
1.1.1.1 - okket
https://one.one.one.one/
======
trymas
Original discussion:
[https://news.ycombinator.com/item?id=16727869](https://news.ycombinator.com/item?id=16727869)

------
zeusly
Previous discussion:
[https://news.ycombinator.com/item?id=16727869](https://news.ycombinator.com/item?id=16727869)

------
rethab
So they're saying "Privacy First: Guaranteed". How is it guaranteed though? Is
there anything we can do to verify that claim or do we just have to believe
them?

As far as I understand they're an American company, so if some government
agency wants to have information, they will make them give the information by
any means necessary.

~~~
jve
> As far as I understand they're an American company, so if some government
> agency wants to have information, they will make them give the information
> by any means necessary.

I don't get this attitude. Do you expect or want companies NOT to obey law? Or
have criminals serve you DNS, which try to evade law?

~~~
lucozade
> Do you expect or want companies NOT to obey law?

Whose law? US law in this space says a lot about the rights of US citizens but
a lot less about the rights of non-US citizens. So, yes it's reasonable to
expect that a US company should obey the law but it doesn't follow that
there's no reasonable concern with that.

Having said that, I applaud Cloudfare for making this step. Just because
something isn't NSA proof doesn't mean that it has no value. But the concern
is valid given that Cloudfare, presumably, still have access to the lookup
data.

~~~
cpr
They say they're not logging, so there's no data to supply to any spooks.

~~~
lucozade
Sure, but that doesn't mean, and is unlikely to mean, that they can't log.

They won't be able to pass historic data as they, presumably, don't have it.
But if they are formally requested to give information, at least for targeted
users, my understanding is that they are legally obliged to comply i.e. they
can't refuse to collect if asked.

I believe there are caveats to that e.g. they can't be forced to backdoor an
application but I don't believe that that would be necessary in this case.

------
ramijames
Best domain I've seen in a long time.

~~~
xabi
Love this kind of domains:

\- [http://abc.xyz](http://abc.xyz) (alphabet) \-
[https://rome.ro/](https://rome.ro/) (John Romero) \-
[https://xa.bi](https://xa.bi) (my own) :)

~~~
dingaling
They're clever until you need to read them over the phone and confusion
ensues, or until the private-company registry decides to hike fees.

~~~
beatgammit
I think it's pretty common to have a .com that redirects, which helps with the
phone issue.

------
Majestic121
They provide a fast service, with no data collection, for free, but I fail to
see their motivation on this, which makes me a bit reluctant to use it.

Does someone know what do they get out of it ?

------
celerrimus
Claims as claims, but reality...

In Poland, with quite good internet connection, random quite popular domain
(around 18mln visitors a month), I get times reported by dig @: ISP: 32ms
Google (8.8.8.8): 30ms 1.1.1.1: 112ms (domain TTL was 1557, so result from
their own cache)

Plus, what was mentioned here before. "Privacy First: Guaranteed" \+ free
service. For sure! :)

------
TekMol
[https://1.1.1.1](https://1.1.1.1) also serves the website. I'm undecided
which one I like more.

Other then that: I would not use it. Cloudflare already has enough insight
into my browsing. No reason to give them my whole DNS request history.

------
sigi45
b.root-servers.net and h.root-servers.net are both in every region more or
less slow. Why?

I thought first that it might be an issue with the region but i can't find any
one which showes that b and h are quick.

[https://www.dnsperf.com/#!dns-root-servers](https://www.dnsperf.com/#!dns-
root-servers)

------
grenoire
Cool domain name I'll give em that much

