Norton ConnectSafe DNS is Retiring

FYI Norton ConnectSafe DNS is Retiring... https://connectsafe.norton.com/

ConnectSafe is being retired due to shift in Symantec’s business focus and investment. Norton wants us to "consider" Neustar UltraRecursive. *Note: Symantec does not endorse Neustar UltraRecursive or any other DNS web protection solution in the market

On November 15, 2018, Norton ConnectSafe service is being retired or discontinued meaning the service will no longer be available or supported. You may continue to use ConnectSafe until November 15, 2018. However, we do recommend that you take a moment to review important details related to this announcement below. see website for more info https://connectsafe.norton.com/

 

Wow!

OK, so not only are they further reducing their staff but they are also dropping services. About time I reconsider my PC security me thinks.

 

Norton Utilities was one of my favorite programs way back in DOS days. But I stopped trusting Norton when Peter Norton sold out to Symantec way back in 1990 and Norton Utilities immediately started to go downhill. I never trusted Symantec to protect my privacy, or to not use my surfing history for their own financial gains. I know of no one who used ConnectSafe! I don't believe Symantec when they say they are stopping this service "to shift their focus". They are stopping it because it was a business failure.

I recommend everyone check out https://1.1.1.1/ for their DNS if they choose to use something other than that provided by their ISP. I've been using it for a couple years now (previously used OpenDNS) with no problems. It is very fast and private. In fact, their motto is "Privacy First: Guaranteed".

If you want to check it out, I recommend setting the DNS server addresses in your router. In this way, you only have to modify one device (the router) instead of every computer and other "smart" device in your home.

BTW, I didn't stop using OpenDNS because I stopped liking it. I stopped OpenDNS because 1.1.1.1 was faster. So if not happy with 1.1.1.1 (but I bet you will be), and you still want to use something other than your ISP's DNS servers (and you should!), try OpenDNS.

 

that's cf, right?
edit: ok, checked it and it's cf & apnic collaboration.
is it better than g (8's & 4's)?

 

Agreed. I have been using ConnectSafe for awhile now. Shame.

 

If you want people to follow what you are saying, you really should spell out what you mean - at least once.

Yes, a quick look at that 1.1.1.1 page clearly shows,

If by G you mean Google DNS, you can see the comparison chart on that same page to see what is faster. As for "better" ask yourself this: "do you trust Google to keep your personal information and Internet surfing history private?"

 

I've heard of some shady stuff going on with Cloudfare as well. Not sure I would trust them either.

 

Got a link? I don't go on hearsay.

And for sure, we already know Google profits on our personal data. They readily admit it and use it to target ads at us. And can you trust your ISP to keep your personal data private? They even know your home address, real name, and billing information.

 

sure, in g i trust.

 

Then use Google DNS. Me? I'll pass.

 

I used to use OpenDNS but I don't like their privacy policy, collecting data and sharing it. I'll stick with my ISP's DNS servers as they are the quickest for me and also offer some protection from known malicious / phishing sites. Their website says they don't store DNS history, but Australian law means they have to store metadata for 2 years, so...

 

Shame. It has been one of the best one.
https://blog.cryptoaustralia.org.au/2017/12/23/best-threat-blocking-dns-providers/

 

One reason why I persist in using Agnitum Outpost Firewall Pro 9.3 is its ability to control DNS traffic and restrict it, in my case to OpenDNS.

 

https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/

Cloudflare homepage: WE DO NOT LOG!
Cloudflare privacy TOS: Umm, yes, we log, but we keep logs only for 24 hours.
Cloudflare privacy TOS: We might keep logs for longer and share it with someone, but only we decide it, so do not worry, you can trust us.

There is zero reason to log DNS requests, zero. Corporate DNS might log them to prevent DDoS and avoid abuse, but why to use a corporate DNS then?

 

yeah, no reason to believe cf's privacy practices are significantly better than google's.

 

I think you oversimplified their TOS. You must include "Personally identifiable information" to your vocabulary to understand their privacy policy. There seems to be at least two steps they process data for de-identification.
You also should be aware that some people like me don't sit with laptop only in home. I use my laptop i.e. in train. Even if I trust my ISP providing connectivity to my home, I may not trust ISP providing connectivity in train.
Yes, I have VPN access, but I don't send all traffic though VPN.

 

No, they did. They included it on purpose to tone it down, but that does not make logs less dangerous. The way they play with words only proves, how hard are they trying to deceive users.

Using some random public WiFi does not make you less traceable. You would be surprised what technologies are around, already in use. Just the browser uses ~50 fingerprinting techniques.

 

I don't use Wifi in train to less traceable. I just want to do something productive or entertaining when I travel.

It is important to note that external company is hired for annual audit to check whether Cloudflare is sticking to its word.
If you don't trust Cloudflare you can try to use it by Tor.

 

My reason for not using CF is rather different though, it doesn't work with archive.is.

Related thread
https://news.ycombinator.com/item?id=17742457

 

So you believe your ISP but not OpenDNS.

That's not exactly true anyway. Their Privacy Policy states they will not share with any outside parties. That is standard.

Wow! I think you have blinders on. Googles whole business model is based on collecting users data and using that data for targeted ads and for other sources of revenue.

Wow! You flagrantly misquote the TOS to something it does NOT say then expect us to trust you! You just showed us your true colors, TairikuOkami and I surely trust CF more than anything you have to say now.

There is a HUGE difference between "logs" and "debug logs". CF does NOT collect your real name, your assigned IP address, your billing information or your street address. These are things your ISP already knows and ties to your surfing habits.

If you want to use your ISP's or Google's DNS services, fine! I don't care! If you don't want to use 1.1.1.1, fine! I don't care about that either! But stop with the falsehoods and mischaracterization of 1.1.1.1 because clearly, you have not done your homework.

 

it does not matter which resolver you use, they all log to improve. CF has improved as i watched their reliability and it raised (growing data base). but they claim to log less when using firefox and DoH (TRR). check it out yourself
https://www.grc.com/dns/benchmark.htm
https://www.dnsperf.com/#!dns-resolvers
https://www.dnsperf.com/dns-providers-list

CF ist fastest, but quality one of the last, google+neustar midrange, quality means to wait 3 or 4 times longer for a result. only opendns/umbrella is fast and more reliable
https://www.dnsperf.com/dns-resolver/opendns-umbrella

 

Where did you see that? When I click on quality for Cloudflare, it shows 100%.

Logging is one thing. What they do with the logs and how long they keep them is another thing. Of course we have no choice but to believe the marketing hype. And for that reason, we cannot believe one and discount another. Every body knows Google tracks everything we do. And they sell that data to 3rd parties. That's how we get targeted ads on our computers and cell phones. If you are fine with that, use Google DNS.

I am just saying I have found no other DNS service that promises to protect our personal habits better than CF. As for speeds, I suspect much has to do with where you live. I live in Eastern Nebraska. My ISP is Cox. I tried several DNS resolvers. Google was fast. Cox was faster, and CF was the fastest.

 

Hi Bill,

I don't either. I read it somewhere within the past two weeks or so. I will try to look for it again and post it here. May have been on Reddit.

Cloudfare shows moderate on Steve Gibson's DNS Spoofability test as well. Hope to see some improvement there.

 

You can restrict DNS traffic with this firewall?

 

For me (somewhere in Europe ) Level 3, Quad9 and Google DNS were fastest, but Cloudflare wasn't too much behind them. I trust Cloudflare more than aforementioned services and use DNS over TLS, so it is slow anyway because of session establishment of this cryptographic protocol.

But I have VPS in datacenter in another country in Europe and Cloudflare is fastest there.