DNS4EU https://www.joindns4.eu/ https://www.joindns4.eu/about Several levels for citizens: https://www.joindns4.eu/for-public For example child protection, ad-blocking, etc. No, I haven't tried it. We have to wait how privacy works with it on the long run: Suddenly all kind of info is shared with other parties etc. ...?. Ad-blocking circumventing technologies by companies that do not want ad-blocking ... Your thoughts?
Hi, Just my concerns. Will that ever happen, I don't know. Maybe it were better if I had not posted that; I fully admit! It is a concern ... === Forgive me, for now I'm stopping with replying in the thread. Sorry!
Public DNS resovers require a lot of trust, regardles if they are sponsored by government or not. Anyway it is good that such service was created as it loosens relience on US tech firms by EU citizens and companies at least a little bit. It should be really good to use it for SOHO/remote work subnetworks in your home. I wonder what will come out of mass ad-blocking at DNS level. I bet advertisers won't give up so easily and develop ways to bypass that or stop people from using these abilities.
I'm not sure what to think about routing. I tried to do the same for two IPv4 addresses mentioned in article and their first line of ASNs. The result was that my sample was 100% EU. They do provide a Map of DNS4EU Public Resolver locations on https://www.joindns4.eu/for-public. The closest three to UK are in Ireland, France and Netherlands. Does connections between Ireland and Netherlands that does not pass through UK exist? I don't know. I even wonder if this is possible to predict/have manually vetted out "EU routes". I'm certainly not an expert on BGP, but I though this was mostly automatic protocol (with some blocklists etc) that dynamically adapts and has ability to route around damage. Anyway my conclusion is that in order to access DNS resolver that is not provided by your ISP you really ought to use encrypted connections: DNS over HTTPS or DNS over TLS. Any potentially not-geographically-short Internet connection should have some form of encryption.
They log as well: https://digitalcourage.social/@echo_pbreyer/114677885298740199 To be honest, I would not use a public DNS resolver, government funded or not. Though I understand the use case for example in the US where your ISP is allowed to track you and sell the data.
I generally do not trust any service, which lies, I mean, claims no-log. Logging is the only protection against DDoS, all services do it, the only question is, how long before they remove logs? The best services do it after 2 hours. Indeed, this is the reason it is better to use accounts, even for MS or Google, because you have control over your data, you can review it, remove it and they are obliged by law to do it, unlike "anonymous", yet identifiable logs.
Public DNS malware filters to be tested in 2025 https://techblog.nexxwave.eu/public-dns-malware-filters-to-be-tested-in-2025/ TL;DR 95,08% Round trip times do not contradict that infrastructure that DNS4EU sits on is spread across Europe according to Map of DNS4EU Public Resolver locations on https://www.joindns4.eu/for-public The further away from Europe, the longer round trip time. Yes, some packets may travel through UK which exited EU. Use DNS over TLS or DNS over HTTPS if this is a concern.
Sorry for responding to myself, my brain does not always reach all conclusions immediately I think the more "mobile" device is, the more convincing arguments for public DNS resolver one has. For example I only use my personal laptop in my flat and sometimes in my parent house. There aren't that many compelling arguments to use public resolver than second scenario; second scenario is company phone's personal profile. I do connect to employer Wifi to i.e. update apps in work profile but at the same time traffic from personal profile also goes through employer's Wifi. Using DoH in Firefox in personal profile at least slightly reduces privacy risks of connecting through it, though they still may see a lot of metadata (IP, SNI, sometimes even unencrypted HTTP).
