
Ask HN: Why are alternate DNS providers like 1.1.1.1 or 8.8.8.8 a privacy hazard - xg15
Hi,

the discussion about using or not using alternate DNS services comes up periodically here (again today with the AT&T incident), so I wanted to ask a technical question that may be useful to know.

Often, there are warnings against using alternate DNS providers for risk of them being able to collect a history of hostnames you visit.

However, how would that actually work? There are no cookies or other unique identifiers in DNS - and IP addresses are famously problematic for identifying users. So yes, a DNS provider might see that *someone* requests questionabledomain.com, but why would that be a problem? How would e.g. Google be able to map an 8.8.8.8 DNS request to a gmail user profile?

(Note that I'm talking about third-party DNS providers that are *not* identical with your ISP. Of course it's easy for your ISP to correlate users as they are the very entity that manages your IP address. However, they can always do that, no matter which DNS provider you use.)
======
gesman
Easy.

100 people are logged on to gmail from IP1 and someone (you) is DNS-ing to
naughty1.com.

200 people later on logged on to gmail from IP2 and someone (you again?) is
DNS-ing to naughty1.com.

However, among the group of the first 100 and the second 200 users, only you
are the common denominator. That would make it a high-probability guess that
you've been using that site.

There are other things google can put together to narrow a DNS user to a
persona.
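
The intersection described in the comment above, as an added example that is not part of the thread: it shows how the set of candidate accounts behind a DNS query shrinks each time the same name is queried from a different IP. All addresses, account names, timestamps and the 60-second window are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data (not real logs): what a provider that runs both a
# resolver and a login service could observe. Times are plain integers.
LOGINS = [  # (source_ip, time, account)
    ("198.51.100.7", 100, "alice"), ("198.51.100.7", 105, "bob"),
    ("198.51.100.7", 110, "carol"),
    ("203.0.113.9", 500, "alice"), ("203.0.113.9", 505, "dave"),
    ("203.0.113.9", 510, "erin"),
]
DNS_QUERIES = [  # (source_ip, time, qname)
    ("198.51.100.7", 120, "naughty1.com"),
    ("203.0.113.9", 520, "naughty1.com"),
    ("203.0.113.9", 530, "example.org"),
]


def accounts_near(logins, ip, t, window):
    """Accounts seen logging in from `ip` within `window` time units of `t`."""
    return {acct for lip, lt, acct in logins
            if lip == ip and abs(lt - t) <= window}


def anonymity_sets(logins, queries, window=60):
    """For each queried name, intersect the account sets seen behind every
    IP that queried it. Returns (final candidates, set size after each query)."""
    candidates = {}
    history = defaultdict(list)
    for ip, t, qname in sorted(queries, key=lambda q: q[1]):
        seen = accounts_near(logins, ip, t, window)
        if not seen:
            continue  # nothing to correlate with for this observation
        if qname in candidates:
            candidates[qname] &= seen   # shared IP no longer hides the user
        else:
            candidates[qname] = set(seen)
        history[qname].append(len(candidates[qname]))
    return candidates, dict(history)


if __name__ == "__main__":
    final, sizes = anonymity_sets(LOGINS, DNS_QUERIES)
    for name in final:
        print(name, sizes[name], sorted(final[name]))
```

A name queried from only one IP keeps the full crowd behind that IP as cover; the repeated query from a second network is what collapses the set.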

