rethinkdns dev here

> For spreading DNS providers, would randomly routing to different ones be more or less private than rotating providers every X minutes?

Less private for the simple fact that now you'd have to rely on multiple upstream resolvers to respect your privacy. Stick to one; ideally the one with better privacy guarantees like the Mozilla endpoints to Cloudflare DNS.

Or, use anonymizing protocols like Oblivious DNS over HTTP and DNSCrypt v3.




100% agree. Not sure why you'd randomly play round robin with a bunch of DNS servers. What purpose is this feature even for?

If privacy is what you're intending however, DNS is only one part of that and there are other ways in which things can leak https://www.privacyguides.org/en/advanced/dns-overview/

Generally I just recommend to people to use their internal VPN provider's DNS servers and call it a day, or of course Tor.


I use (and recommend) local recursive resolvers.


It's unencrypted and exposing your IP. From a privacy perspective it's better to use something like Mullvad DNS over DoT or DoH.


Exposing my IP to who exactly?

My ISP can already see where I go and what I do anyway.

But you do you, friend.


> the Mozilla endpoints to Cloudflare DNS

Oh, I did not know that Mozilla had an endpoint on Cloudflare's 1.1.1.1 service, but there it is!

https://github.com/mozilla/gecko-dev/blob/c09764753ea40725eb...

https://mozilla.cloudflare-dns.com/dns-query

Does Mozilla publish their terms somewhere? I'm curious how their endpoint is any different.



