• Activity
  • Votes
  • Comments
  • New
  • All activity
  • Showing only topics with the tag "privacy". Back to normal view
    1. Is Firefox still a good (enough) browser for privacy?

      Someone posted this on the privacy subreddit. I also ended up finding this and this after doing a bit of searching. As someone who isn’t in the CS/IT spheres (chemical engineering is my...

      Someone posted this on the privacy subreddit. I also ended up finding this and this after doing a bit of searching. As someone who isn’t in the CS/IT spheres (chemical engineering is my background), Firefox has been my go-to browser for awhile, although I’m being made aware of the flaws of Firefox (most of which go over my head) and behavior of Mozilla. What can be done to fix this, especially considering that Firefox is the only FOSS browser with a significant user base?

      22 votes
    2. Best for Privacy: Local Recursive DNS vs Cloudflare's DNS over HTTPS

      I'm trying to decide what option I prefer here in terms of privacy. I'm curious of other's opinions on the issue, and if anyone has a better solution to offer more privacy. Option 1: Hosting a...

      I'm trying to decide what option I prefer here in terms of privacy. I'm curious of other's opinions on the issue, and if anyone has a better solution to offer more privacy.


      Option 1: Hosting a local recursive DNS


      I currently have a device running Pi-hole on my local network. I recently set it up as a recursive DNS server using unbound. This allows me to no longer rely on a public DNS such as GoogleDNS, OpenDNS, Cloudflare, etc. for my queries, and just point straight to the root servers.

      Pro: I removed a "pair of eyes" (Public DNS) out of the equation

      Con: All my queries are not encrypted so my ISP (and potentially others) can still see my DNS queries


      Option 2: Using DNS over HTTPS (DoH) using Cloudflare's client


      With this option I would use Cloudflare's cloudflared daemon they provide on their website. This would allow all my queries to be encrypted when sending them to Cloudflare.

      Pro: Encrypted DNS queries from my local network -> Cloudflare's servers. My ISP can no longer see my DNS queries

      Security Pro: Helps prevent MitM attacks

      Con: I now have a Public DNS back in the equation, which I have to put some trust into. Also, my queries are most likely only encrypted from my local network -> Cloudflare's network. When Cloudflare has to do the recursion, those queries may be not encrypted (my assumption is they will most likely be not encrypted)

      Possible Con: Does Server Name Indication (SNI) "leaking" apply to DNS queries at all? If so, then my query is revealed anyways right?

      As a note, I am nowhere near an expert on the specifics of DNS, so some of my assumptions on how things work may be super wrong!

      6 votes