The ISP I run is applying [1] such blocks on our DNS recursors (blocking illegal online gambling domains, as per legal requirements [2]).
I still trust my DNS servers (or those of most ISPs, for that matter) more than I trust Cloudflare. I'd rather have intelligence services go through the effort of infiltrating every single ISP separately to get any useful dragnet intelligence, instead of just one large entity that can illegally collect all traffic from all users of a web browser.
I still trust my DNS servers (or those of most ISPs, for that matter) more than I trust Cloudflare. I'd rather have intelligence services go through the effort of infiltrating every single ISP separately to get any useful dragnet intelligence, instead of just one large entity that can illegally collect all traffic from all users of a web browser.
[1] - https://github.com/q3k/rsh-unbound
[2] - https://hazard.mf.gov.pl/Ustawa