
[Idea] DNS Fog, a tool to protect DNS privacy - rme
DNS requests are logged either by your DNS provider and/or by your ISP. They log them to track each domain you visit or connect to.
This cannot be fixed by using Google DNS because your ISP can (and will) also log requests to third party DNS servers.
My proposal is the following: make this DNS logging plausibly deniable and unusable by clogging it with random DNS requests; these requests would be generated by software or a daemon running on your PC or router.
The software would fire DNS requests for random domains (all of them should be real, for example, domains in the Alexa Top 1 Million and weighted by rank (so popular domains get requested more)).
These bogus DNS requests would be fired randomly and, for example, at an average rate of 6 per minute; that way the CPU and bandwidth usage will be negligible. Also, the requests could be triggered just when you make real DNS requests.
When checking your DNS logs, the attacker will have no way to find your real requests; it's like looking for a needle in a haystack.
(I am only suggesting this idea, I am not currently developing it).
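A sketch of the generator the post describes, as an added example that is not code from the post's author: Zipf-style weights by rank so popular domains are requested more, exponential gaps between queries giving the stated average of 6 per minute, and the post's variant of bursting chaff around a real lookup. The five-domain ranked list and the `ChaffGenerator` name are assumptions; a real deployment would load a top-sites list.

```python
import contextlib
import random
import socket
import time

# Constructed stand-in for a ranked site list (e.g. the Alexa Top 1 Million CSV,
# "rank,domain"); a real deployment would load that file here.
RANKED_DOMAINS = ["example.com", "example.net", "example.org", "example.edu", "iana.org"]


def rank_weights(n, exponent=1.0):
    """Zipf-style weights: rank r gets 1 / r**exponent, so rank 1 is picked most."""
    return [1.0 / (r ** exponent) for r in range(1, n + 1)]


class ChaffGenerator:
    def __init__(self, domains, rate_per_minute=6.0, rng=None):
        self.domains = list(domains)
        self.rng = rng if rng is not None else random.Random()
        self.mean_gap = 60.0 / rate_per_minute  # seconds between chaff queries
        self.weights = rank_weights(len(self.domains))

    def pick_domain(self):
        """Weighted choice: popular (low-rank) domains come up more often."""
        return self.rng.choices(self.domains, weights=self.weights)[0]

    def next_delay(self):
        """Exponential gaps make the stream a Poisson process at the target rate."""
        return self.rng.expovariate(1.0 / self.mean_gap)

    def cover_for(self, real_domain, extra=3):
        """The post's variant: hide one real lookup in a shuffled burst of chaff."""
        batch = [real_domain] + [self.pick_domain() for _ in range(extra)]
        self.rng.shuffle(batch)
        return batch

    def run(self, resolve, iterations=None):
        """Fire chaff forever (or `iterations` times) through `resolve`."""
        sent = 0
        while iterations is None or sent < iterations:
            time.sleep(self.next_delay())
            resolve(self.pick_domain())
            sent += 1


def resolve_via_system(domain):
    """Real lookup via the OS stub resolver; a failed lookup still counts as chaff."""
    with contextlib.suppress(socket.gaierror):
        socket.getaddrinfo(domain, None)


if __name__ == "__main__":  # dry run: print instead of resolving, at a faster rate
    ChaffGenerator(RANKED_DOMAINS, rate_per_minute=120).run(print, iterations=5)
```

Replace `print` with `resolve_via_system` to send real queries; at the default 6 per minute the mean gap is 10 seconds.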
======
troydavis
Can you cite an example of a mainstream ISP logging DNS queries sent by
clients directly to third-party recursive/non-authoritative DNS servers (ie,
8.8.8.8 or OpenDNS)?

Obviously it’s technically possible, but so is capturing and storing your
cleartext HTTP traffic (not just URLs, the full request and response), and no
mainstream ISP does that.

------
Joyfield
Your ISP can STILL track when you do a TCP connection to any web page.

