ControlD is a new DNS service by the makers of Windscribe VPN

Discussion in 'privacy technology' started by mood, Apr 25, 2021.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    39,273
    ControlD is a new DNS service by the makers of Windscribe VPN
    April 25, 2021
    https://www.ghacks.net/2021/04/25/controld-is-a-new-dns-service-by-the-makers-of-windscribe-vpn/
    ControlD
    https://controld.com/
     
  2. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    3,029
    yearly plan's too expensive. $40/year.
    i'll give its free plan a try and see how it compares against the competition.
     
  3. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,797
    Let me know what you think. I use NextDNS myself.
     
  4. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,310
    This looks like to be the only comment there from someone that uses it

    “Michel said on April 25, 2021 at 6:03 pm

    I’ve been using ControlD since launch, for about a week now, and you’re not really explaining why someone would use this over another DNS. The short answer is overcoming Geoblocking without needing to fiddle with VPN server settings when changing locations.

    I’m now able to switch between streaming services in Canada, the US, UK, and Switzerland simply by clicking their respective bookmarks – as if there were no such thing as geoblocking. All my local accounts such as banking, email, government, etc, are unaffected and work normally.

    You can configure ControlD for any domain, and it already includes many preset services. You can use it on almost any device, including your router. I use it on an older chromebook wired to my tv for streaming. It has a simple interface, allows custom settings for individual domains, and requires no installation. I’ve had to fiddle with one or two sites, but it’s remarkably polished on launch and they’ve already added at least one channel, and responded immediately regarding an issue with another.

    I’m a Windscribe user primarily for international streaming, but I will probably switch over to ControlD because it does what I want and is a simpler, more elegant solution. I may sound like an ad, I know, but this thing works much better than any vpn I’ve used. I don’t notice a speed drop in most cases.”
     
  5. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,053
    How can a DNS service bypass geo-blocking?

    (It can change the IP of servers, but not your IP?)
     
  6. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    3,029
    will do. :thumb:
     
  7. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    3,029
    it's a smart dns proxy. your connection is routed through a proxy to bypass geo-restrictions .
     
  8. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,956
    Location:
    Location Unknown
    I too am anxious to see how this stacks up to NextDNS. From what I can tell, NextDNS seems to offer a bit more granularity with what can be filtered. ControlD does not seem to offer the ability to use specif blocklists like NextDNS does. They allow categories, but not user-defined lists.
     
  9. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    3,029
    https://www.wilderssecurity.com/thr...ebsite-for-a-more-practical-usability.437638/
     
  10. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,797
  11. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    3,029
    no problem, t. :thumb:
     
  12. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,310
  13. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,838
    For the free option, what category did you all choose (Unfiltered, Block Malware, Block Malware + Ads, Block Malware + Ads + Social)?

    Legacy DNS, DNS over HTTPs, DNS over TLS?
     
  14. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,083
    Location:
    Italy
    Is it possible to see, a block image?
    TH.
     
  15. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,037
    Location:
    Europe
    I see no reason to use this or any other blocking dns over let's say cloudflare dns with ublock origin. Ublock origin already does everything this dns promises to do, I think. Unless they can prove dns blocking adds less overhead than ublock origin blocking?

    Oh, now I saw, it can cirvument geo-blocking. That's something to use it for, I guess, if u don't wanna use a vpn. Oh but it says uses a transparent proxy, that's probably slower than a normal vpn... And worse.
     
  16. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,956
    Location:
    Location Unknown
    But there are differences. DNS blocking is system-wide. uBO is not. DNS blocking can also work on routers and/or Android (not browser). uBO cannot. If you already are using a VPN or your mobile then how do you also block ads system wide, since Adgaurd et al use the one VPN slot? Answer, DNS blocking.
     
  17. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    3,029
    good for smart tv's too.
     
  18. yegor

    yegor Registered Member

    Joined:
    Apr 29, 2021
    Posts:
    6
    Location:
    Toronto
    Hey, I'm from Windscribe/ControlD. There are many reasons to use a service like ControlD, simply because there is no other service exactly like it out there. Here is a brief comparison matrix vs "similar" solutions: https://kb.controld.com/en/compare

    1. Yes uBlock works well, however it only works in the browser. ControlD works on all devices including browsers, any OS, any TV box or phone. There is no apps or extensions to install, it just works.
    2. You can not only block ads, but individual services too. We maintain domain lists for all major services. Our blocklists are based on dozens of community lists, with thousands of false positives removed based on Windscribe user feedback over the last 3 years. If you actually use it, I think you will be pleasantly surprised.
    3. You can unblock any geo-restricted service, or website through proxies in over 100+ locations (These are Windscribe servers).
    4. You can redirect all your traffic through a proxy location of your choice. This works kinda like a VPN (but not really), for HTTP traffic (and some non-SNI enabled protocols like IMAP and SMTP). We're working on ECH support right now, which will allow a browser that supports ECH (Firefox) to function virtually like a VPN, since we can enable ECH for all your traffic, not just sites that support it (there are none right now). No other service out there can do this. No plaintext SNI means you're just sending encrypted data to random IPs, which cannot be easily DPIed and filtered.
    5. ControlD will be faster than a VPN in most cases, especially as we add more global server locations. Currently there are 16, we should be at 25+ by summer time. Unlike NextDNS which boasts nearly a 100, they just get cheap VPSes in random places, and do no traffic engineering - the brute force approach. We don't do that, most of our POPs are running on bare metal hardware, with our own switches and transit. NextDNS is a 2 man operations (pretty amazing what they accomplished with just 2 people), we have several dozen people and 5 years of experience on Windscribe side of things.

    Here are somewhat silly but powerful examples of what you can do with ControlD, that you can't with any other service.

    https://twitter.com/ControlDNS/status/1358267260465463297

    https://twitter.com/ControlDNS/status/1383991179885248520
     
  19. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,083
    Location:
    Italy
    Welcome to this forum.:thumb:
    Are you the developer of ControID?

    Can you insert an image of a DNS block?

    I did some tests with the Phishtank database comparing Quad9 DNS and ControID DNS (Legacy DNS - Block - Malware).:thumbd:

    TH.
     
    Last edited: Apr 30, 2021
  20. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,037
    Location:
    Europe
    Hmm that's true. Although, I have personally only 1 program out of hundrends and thousands of portable apps I've used, that actually has an ad (like a real ad, not "Buy our premium product" ad) in it. So basically, if u block ads in browser, u block all ads. Or you guys have programs that when opened show ads in them?

    Lol, you never heard of root on phones? Check F-Druid as a starter, there are plenty of non-dns adblocking apps there, such as AdAway, the one I use.

    Although, setting up a dns is faster than rooting your phone I guess. But if you have the technical expertise to do this, you can surely flash magisk. And control dns is not free (rooting is). Altho, 40$ a year is pretty cheap tho, but then again it quickly adds up for all kinds of **** u subcribe too, so why not do it for free if u can. I don't know about smart tvs or the likes, I don't watch tv. I think it was pretty obvious I meant pc lol. Obviously, you cannot use ublock origin on a tv... (or can you?)
     
  21. yegor

    yegor Registered Member

    Joined:
    Apr 29, 2021
    Posts:
    6
    Location:
    Toronto
    One of them, yes.

    Not sure what you mean by "insert an image of a DNS block". Show a custom block page you mean? Can't do that without breaking TLS or loading a root certificate into your OS (bad idea).
     
  22. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,083
    Location:
    Italy
    I would like to see an image where ControID DNS intervenes to block a web page with malware content opened with the browser.:thumb:;)

    When I want to do similar tests I use Pale Moon which doesn't have Google Safe Browsing and I disable uBlock Origin.

    P.S. Obviously no real time AV.
     
    Last edited: Apr 30, 2021
  23. yegor

    yegor Registered Member

    Joined:
    Apr 29, 2021
    Posts:
    6
    Location:
    Toronto
    You can't do that for reasons I mentioned earlier, it would break TLS and you would see a scary red window in your browser.
     
  24. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,037
    Location:
    Europe
    I think he means to show a picture of how control dns blocks a site with malware ( a real one ). Not to show a custom specific page. Which would be, the same page except the malware script cannot connect because of being blocked to the dns, I guess? So prob smth like, blocked by client.
     
  25. yegor

    yegor Registered Member

    Joined:
    Apr 29, 2021
    Posts:
    6
    Location:
    Toronto
    You would get a 0.0.0.0 DNS response if something is being blocked.

    Code:
    yegor@Yegor-Desktop:/$ dig popads.net @76.76.2.2
    
    ; <<>> DiG 9.11.3-1ubuntu1.13-Ubuntu <<>> popads.net @76.76.2.2
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32167
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;popads.net.                    IN      A
    
    ;; ANSWER SECTION:
    popads.net.             10      IN      A       0.0.0.0
    
    ;; Query time: 0 msec
    ;; SERVER: 76.76.2.2#53(76.76.2.2)
    ;; WHEN: Fri Apr 30 16:41:53 EDT 2021
    ;; MSG SIZE  rcvd: 44
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.