In April 2018, Claudefler released a new security device. It is called 22.214.171.124, it is a consumer DNS address that anyone can use for free. This can help enhance DNS security, improve users’ privacy, and potentially speed up your network connection.
But how does it work? How do you use it? And what DNS privacy can help to improve the risks? let’s take a closer look.
Problems with DNS and privacy
The Domain Name System (DNS) is often called “Internet Book Book”. This is the responsible technology to add to that domain that we use every day with the IP address of the site’s web server (eg Makeuseof.com).
Of course, you can enter the IP address of a site and you will still end up on its homepage, but the text-based URL is very easy to remember, so why we use them
Unfortunately, DNS technology comes with many privacy issues. Even if you take all other general precautions on your system, issues can weaken your online safety. Here are some of the worst privacy issues related to DNS.
1. Viewing your ISP
Due to the way DNS works, it acts as a log of the websites you visit. It does not matter if the site you are visiting is HTTPS- your ISP, mobile carrier and public Wi-Fi provider still everyone knows which domain you have visited.
Worried, from the middle of 2017, in the United States the ISP is allowed to sell its customers’ browsing data for financial gain. Actually, this practice is common throughout the world.
Ultimately, your browsing history is helping big corporations make money. Why should you always use a third-party DNS provider
2. The government is watching
Like ISPs, officials can also use your DNS log to see which sites you are visiting.
If you live in a country that has political opponents, LGBTQ workers, alternative religions, and so on, a less tolerant approach, then visiting the sites of that nature can put you in trouble.
Regrettably, your DNS lookup history can reveal your personal beliefs to those organizations, which potentially will attack you together.
3. Snooping and tampering
You are also at risk of the lack of DNS “last mile” encryption. Let’s say.
The DNS has two sides: official (on content side) and a recursive resolver (towards your ISP). In broad terms, you can ask questions about the DNS resolver (i.e., “Where can I find this site?”), And provide the official DNS nameserver answer.
Data running between resolvers and official servers is protected by the DNSSEC (theoretically). However, the “last mile” part (called stub resolver) and recursive resolver between your machine – is not secure.
Sadly, the last mile provides many opportunities for snoopers and tampeers.
4. Man-in-the-middle Attacks
When you browse the web, your computer will often use DNS data that is cached anywhere on the network. Doing this can help reduce page loading time.
However, the cash itself may be a victim of “cash poisoning”. This is a type of human-centric attack.
In simple words, hackers can take advantage of vulnerabilities and poor configuration to add data to fraud in cache. Then, the next time you try to go to the “poison” site, you will be sent to the criminal-controlled server.
Responsible parties can also repeat your targeted site; You never know that you have accidentally redirected and entered user names, passwords and other sensitive information.
This process is how many phishing attacks occur.
How does Cloudflare work?
Cloudflare’s new 126.96.36.199 service can measure many privacy issues related to the DNS technology.
Before the service became public, the company talked to the browser developers for a long time and developed their tools according to their recommendations.
1. Cloudflare DNS: Is it safe?
Yes, there is no tracking and no data storage. Cloudflare has never shown commitment to track advertisements based on its DNS users or on the basis of their viewing habits. In order to strengthen the consumer’s confidence in his statement, the company has never vowed to save the IP address queries on the disc and promised to remove all the DNS logs within 24 hours.
In practice, this means that your DNS history will be out of the hands of ISPs and governments. Even requesting them with CloudFlare will not be recorded.
2. Sophisticated technology
When you type a URL and press Enter, almost all DNS resolvers will send the whole domain name (“www,” “makeuseof,” and “com”) to the root server, .com server and any intermediary services. .