Why you should stop using Google DNS now and switch to 1.1.1.1

Let me be the first to say that in the past I always used the 8.8.8.8 DNS server on all my systems. I would configure it on all my machines without even thinking, it was quick and convenient. I believed I could trust Google more than I could trust my home provider or some random hotspot provider. DNS is a convenient way to enforce censorship and monitor activity on a network. It’s true that I can trust Google to not do something malicious with DNS, but can I trust them to maintain my privacy?

The answer is no.

According to the DNS Privacy Project , Google is one of the few organizations that log DNS queries, even though they claim it’s temporary.

Also, it is not clear from their privacy statement whether or not they are sharing identifiable or anonymized data with partners, or selling it. In any case, with how intrusive companies like Facebook and Google have become, why would you want to give them one more unnecessary data point?

What is a a better choice?

In my research, I found that 1.1.1.1 is the best choice (just look at the DNS Privacy Project report yourself). It’s a privacy focused DNS service. It is the result of a partnership between Cloudflare (A for profit company), and APNIC (Asia Pacific Network Information Center, a non-profit). APNIC owned the 1.1.1.1 and 1.0.0.1 addresses, which were set aside for research. They agreed to provide these IP addresses to Cloudflare for the purpose of running a privacy-based DNS service. In return, Cloudflare has agreed to provide statistical data to APNIC. Cloudflare pays the auditing firm KPMG, to audit their practices.

It’s really easy to set up, and the 1.1.1.1 web page has instructions for iPhone, Android, MacOS, Windows, Linux, and Routers.

1.1.1.1 also supports secure DNS technology like DNS/TLS, and DNS/HTTPS. If it’s supported on your browser or application, you can communicate with their DNS servers over an encrypted tunnel.

In summary, switching your DNS provider over to 1.1.1.1 is a great step to decoupling yourself from big internet companies like Google. Why give them yet another data point.

Leave a Reply

Your email address will not be published. Required fields are marked *