[decisiveness]

>APNIC gets to see the noise as well as the DNS traffic

>Huston emphasised that APNIC intends to protect users' privacy. "DNS is remarkably informative about what users do, if you inspect it closely, and none of us are interested in doing that," he said.

Maybe it is reasonable to take them at their word as they seem trustworthy, but we should at least consider the fact that at least some of this DNS traffic is indeed being analyzed.

[Arnt]

No, wait.

Users of the DNS service get the privacy guarantee.

Non-users do not. If you floodping 1.1.1.1 you are not a user of the DNS service and the privacy terms don't apply to you. Rather you're a member of the Misconfiguration Club, and the site you're pinging has the usual right to analyse your pings.

[comboy]

What if somebody has a bad DNS resolver and what he qualifies as a valid DNS request, researchers do not.

I get the general idea, but having "user-privacy oriented" and "we collect everything and make it available to many researchers" services under the same IP may lead to some issues.

[cesarb]

Even a bad DNS resolver will still send to port 53. The privacy policy probably applies to anything on ports 53, 80, and 443.

[walrus01]

and the DNS over TLS port, 853

[Arnt]

Oh, in that case you can apply those issues to all of Cloudflare. They serve many thousands of websites from each node. God only knows how many different privacy policies may apply depending on which bytes you send to TCP port 80.

[krelian]

I'm pretty sure that all the traffic is being analyzed. The only thing they publicly committed to is not saving your Ip address.