Let me be the first to say that in the past I always used the 220.127.116.11 DNS server on all my systems. I would configure it on all my machines without even thinking, it was quick and convenient. I believed I could trust Google more than I could trust my home provider or some random hotspot provider. DNS is a convenient way to enforce censorship and monitor activity on a network. It’s true that I can trust Google to not do something malicious with DNS, but can I trust them to maintain my privacy?
The answer is no.
According to the DNS Privacy Project , Google is one of the few organizations that log DNS queries, even though they claim it’s temporary.
Also, it is not clear from their privacy statement whether or not they are sharing identifiable or anonymized data with partners, or selling it. In any case, with how intrusive companies like Facebook and Google have become, why would you want to give them one more unnecessary data point?
What is a a better choice?
In my research, I found that 18.104.22.168 is the best choice (just look at the DNS Privacy Project report yourself). It’s a privacy focused DNS service. It is the result of a partnership between Cloudflare (A for profit company), and APNIC (Asia Pacific Network Information Center, a non-profit). APNIC owned the 22.214.171.124 and 126.96.36.199 addresses, which were set aside for research. They agreed to provide these IP addresses to Cloudflare for the purpose of running a privacy-based DNS service. In return, Cloudflare has agreed to provide statistical data to APNIC. Cloudflare pays the auditing firm KPMG, to audit their practices.
It’s really easy to set up, and the 188.8.131.52 web page has instructions for iPhone, Android, MacOS, Windows, Linux, and Routers.
184.108.40.206 also supports secure DNS technology like DNS/TLS, and DNS/HTTPS. If it’s supported on your browser or application, you can communicate with their DNS servers over an encrypted tunnel.
In summary, switching your DNS provider over to 220.127.116.11 is a great step to decoupling yourself from big internet companies like Google. Why give them yet another data point.