facebook rss twitter

Cloudflare announces 1.1.1.1 'privacy-first' consumer DNS

by Mark Tyson on 3 April 2018, 12:51

Quick Link: HEXUS.net/qadsc4

Add to My Vault: x

Whether you have never ever changed your DNS from that provided by your ISP, or you are already a user of alternatives like OpenDNS or Google DNS, you might be interested in the launch of 1.1.1.1 by Cloudflare and APNIC. The 1.1.1.1 project is said to be "motivated by a mission to help build a better Internet," which sounds good, and both organisations write about their motivations in respective blog posts: Cloudflare Blog / APNIC Blog.

For a brief explainer: DNS stands for 'Domain Name System' and it is a service that translates typed in web addresses, such as hexus.net to numeric ip addresses that computer networks can understand. As Cloudflare writes, "Nearly everything on the Internet starts with a DNS request. Click on a link, open an app, send an email and the first thing your device does is ask the directory: Where can I find this?"

The problem is that the default DNS service provided by your ISP may well be slower and less reliable than other services like OpenDNS or Google DNS. Furthermore, depending on where you live and what DNS service you use, there might be monitoring, data collection, and/or censorship of some sort via the DNS lookup system.

The new 1.1.1.1 comes with some attractive claims. First of all it is said to be a 'privacy first' service; with the backers promising to "never log your IP address", as guaranteed by KPMG auditors. Secondly 1.1.1.1 claims to be "28 per cent faster than anything else". The performance claim is backed up by stats gathered by independent DNS monitor DNSPerf.

If you have read enough about 1.1.1.1, and are perhaps satisfied it is a better service than that provided by your ISP or alternative third party, it is quite easy to use, depending upon your platform. Home users can configure their router so all connected devices use the 1.1.1.1 service, for example. Or you might want to implement it directly for your mobile devices, so it works when you are out and about. Whatever the case 1.1.1.1 provides a step-by-step procedure for various platforms / OSes. Remember that ISPs and other organisations can monitor transferred data beyond your DNS query, making a service like 1.1.1.1 just a small part of your potential privacy armour.



HEXUS Forums :: 16 Comments

Login with Forum Account

Don't have an account? Register today!
Looks interesting. Worth checking out.
As usual the stated numbers for response time are clearly a best case, I checked resolution of bbc.co.uk from 1.1.1.1, 8.8.8.8 (Google DNS) and 208.67.222.222 (OpenDNS) and all were 12-14ms consistently.

I checked our company website, Dig indicated that none of the 3 had it cached, OpenDNS was the fastest at 14ms, 1.1.1.1 20ms and Google 38ms.

This was done at work, on 100Mb Virgin fibre. I don't think I'll bother changing from Google DNS just for marginal benefits.
No human will ever notice the change in speed.
I ping 2ms to 1.1.1.1 and 8-9ms to 8.8.8.8 - woo Hyperoptic
My Virgin DNS goes down fairly regularly. Changed to 1.1.1.1 and not a single glitch today so far…
Hardly a scientific conclusion but normally DNS would give up about 5 times on a normal working day