Is using 1.1.1.1 app for all browsing a more secure practice?
No. Cloudflare is a MitM. A better DNS server would be one run by an entity you trust, or possibly 9.9.9.9.
Comments state that there are better options, but isn’t it at least better than using defaults isp’s dns?
. Their app uses Android’s VPN feature to get in control of your traffic in order to reroute your DNS requests.
Does this really count as a strike against them, in terms of privacy? Is it possible that it’s not possible for an to re-route only DNS requests on Android and so they have reroute everything? (I don’t use Android and am not familiar so I’m just posing the question)
FWIW, this is exactly how NextDNS on iOS works. iOS does not provide the necessary APIs to app developers for them to reroute just DNS requests and so in order to do so, an app has to act as a full on VPN and re-route everything, which is what NextDNS does
#3 recommended DNS on PrivacyTools.io is Cloudflare.
This article just explains why using clludflare for MitM (it’s kinda obvious that if you opt in for their DDoS protection and have certs from them, they see the traffic. I suspect that ~70% know that and juts don’t care) - doesn’t expose any violations of this, nor reasons why not to use 1.1.1.1 DNS
That has nothing to do their dns service but ok…
I don’t trust Vultr at all (Choppa LLC)
How is Quad9 and different from Cloudflare?
1.1.1.1 is a VPN so they see more data, but DNS will still let them know a lot.
What does the public dns service have to do with their cdn service?
Also, a cdn by definition and design has to be a mitm. But that has nothing to do with setting 1.1.1.1 as your upstream dns server in your dns resolver.
Using cloudflare as a VPN achieves the same effect as using cloudflare as a CDN. It puts a single US entity in the path of 10% of internet requests.
Quad9 is not subject to US law enforcement or intelligence data-collection and wiretap laws, nor to the gag orders that prevent US companies from discussing such.
Quad9 is bound by criminal privacy laws, whereas companies that hide behind US courts just have non-binding privacy policies. If they violate those policies, nothing happens. If Quad9 violates its privacy policies (and, more importantly, Swiss privacy law) I go to prison. And the Swiss government guarantees those privacy rights for all Quad9 users, not just those in Switzerland or of Swiss citizenship, because it’s Quad9’s Swiss domicile that makes it subject to the law, not the location of the users.
https://www.quad9.net/privacy/compliance-and-applicable-law/
We try not to see users’ data, by encouraging them to run their own caching forwarding resolvers, rather than trying to maximize the amount of user data we see.
There are a vast number of differences, but those are a few of the big ones.
It’s not a VPN. It uses Android’s VPN functionality to override the the system DNS. Your IP is the same, and your routing is the same. It’s just a backdoor method of setting the DNS server.
It’s not a real VPN (if we’re talking Android)
Jesus. It is absolutely embarrassing that you’re getting downvoted and the guy conflating DNS and CDNs is the highest voted comment.
Oh my god I didn’t see “1.1.1.1 app” in the post tile, sorry. Still my previous question is valid tho
same affect as using a CDN
Why is that? Isn’t HTPPS traffic encrypted between me and the sever, and my VPN can’t see it. My VPN then just has my browsing history
Of course, you should never trust VPN’s with your life, because we’ve seen many times where they lied about “no logs” policy when logs got leaked - but I think it’s better to hand your browsing history to some service that at least explicitly says that it won’t track you, as oppose to your ISP, which ususally explicitly says that it will
Also, Quad9 has a human rights policy, rather than being the punchline to the joke about how many nazis are at the table. And they’re a privacy-centric non-profit, rather than surveillance capitalists.
Are you still subject to US laws then?
“The incorporation of Quad9 in Switzerland is still in progress. Until that process is complete, the responsible party for Quad9’s data and website privacy remains CleanerDNS Inc. dba Quad9, 1442 A Walnut Street, Suite 501, Berkeley CA 94709. This document will be updated shortly when the incorporation process is complete.”
Not sure about Android but on iOS it is, or at least can be.
It does more than DNS, that’s just one option. You can also use it as a routing VPN, go read their site.