by bovermyer 2653 days ago
If you're ambitious, you can run your own DNS resolver and route all your traffic through that.
2 comments

Your ISP routes all your DNS lookups anyway, so they can see what they are even if you don't use the ISP's DNS server.

They get to see every single unique name you look up; they just don't get to see how often you do it if you use a caching resolver.

You'd need to VPN to somewhere else in order for your DNS queries not to be visible to your ISP.

This is not correct anymore since DNS over TLS. Well, most routers do not support this yet, but it's possible within your distro.
AFAIK you can't recurse using DNS over TLS. You have to use a provider such as Google/Cloudflare, at which point you're back to square one.
You still need to talk to upstream servers at some point.
Indeed, but much less frequently.
True. Using DNS at all means trusting one of the root servers at some point.