this post was submitted on 28 Jun 2023
1 points (100.0% liked)

Privacy

781 readers
3 users here now

Privacy is the ability for an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively.

Rules

  1. Don't do unto others what you don't want done unto you.
  2. No Porn, Gore, or NSFW content. Instant Ban.
  3. No Spamming, Trolling or Unsolicited Ads. Instant Ban.
  4. Stay on topic in a community. Please reach out to an admin to create a new community.

founded 2 years ago
MODERATORS
[email protected]
1
Tips to improve DNS privacy (youtu.be)
submitted 1 year ago by [email protected] to c/[email protected]
3 comments fedilink hide all child comments
 

I'm not sure if I'd use pfsense but some of the advice here is quite useful.

top 3 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 1 year ago

pfSense allows for an "out-of-the-box" ish gateway for most users, but it is a little overkill if your main concern is your ISP and their government de'jour snooping on your DNS traffic.

  1. Get a router that is not your ISP router. Unless there is some rare chance they let you configure some other DNS. Even rarer chance it will be encrypted DNS.

  2. Update your router firmware and check to see if it supports encrypted DNS. I updated my Asus mesh wifi a few months ago and was pleasantly surprised to see it supported forwarding to encrypted services and it works great.

  3. Configure your end clients at the very least. Most modern browsers and even operating systems are starting to configure stand-alone encrypted DNS resolution. Five years ago this was a nightmare to setup. Today it's a breeze.

  4. Huge recommend for Technitium, https://github.com/TechnitiumSoftware/DnsServer. Switched to this from pi-hole and never looking back. It focuses more on privacy, compatibility and security than block lists, but I found it to be way faster in my testing.

Thanks for coming to my TEDx.

[–] [email protected] 0 points 1 year ago (1 children)

Encrypted DNS is a meme. Use Opnsense + VPN + VPN DNS.

[–] [email protected] 1 points 1 year ago

A meme? Why's that?