Sorry if this is a dumb question, but how important is using one of the encrypted DNS services from the megathread? I’ve just been using Google’s DNS servers directly on my router, and have yet to have any issues. Have I just been lucky?
Also, 🫡 to dbzer0 for migrating the community to Lemmy!
DNS doesn’t really matter for piracy, but it can help improve privacy and security.
DNS over TLS will ensure all your dns requests are encrypted, and most clients actually validate the certificate so attempts to hijack the connection are not easily possible.
Firefox can bypass your systems DNS and use DoH. I think windows also supports DoT.
For Linux, systemd networkd and resolved also support DoT.
Keep in mind that some software does not obey system dns settings and can do their own DNS.
I’ve been entering the primary and secondary DNS addressed in my router settings, so it applies to the whole network. I suppose that won’t work for DNS over TLS, DoH, or DoT, then? Unfortunately, my router doesn’t support flashing dd-wrt, so I’m stuck with Netgear’s firmware.
Encrypted DNS can help minimize the amount of information available to your ISP. Most ISPs block and log your traffic through DNS queries since it’s the easiest. By encrypting your DNS traffic, the ISP can’t see what domain you’re trying to find. Although, if they are motivated enough, they can sniff the SNI headers from your TCP traffic.
I’d stay away from Google DNS as they log it for themselves.
Have OSes evolved enough that encrypted DNS is available? If so, would someone with enough technical knowledge link a guide on how to set it up within a popular OS?
I imagine that even if you plug in one of the suggested DNS provider IP addresses into your network settings, the OS is still going to make plaintext requests that your ISP can snoop on unless you require it to be encrypted somehow.