I maintain an easy public resource on home WiFi security, I’ll update it if there’s news that requires anything new.https://decentsecurity.com/#/routerwifi-configuration/ …
-
-
I use Google's, myself, but i can't really see a significant difference between their service and opendns. Is there something I'm missing?
-
Opendns used to do NxDomain hijacking but afaik stopped. They still return filtered/doctored results rather than ones matching authoritative
-
Interesting. I've never heard that before.
-
Their whole purpose is blocking domains deemed malware.
-
Sure, but could be a benefit for security-illiterate users. Not how I'd personally want my dns to work, but there's a solid use case.
-
If you want that behavior you need to use only opendns. If you also include 8.8.8.8 you'll get unpredictably inconsistent blocking...
-
..and since 8.8.8.8 is much faster, in practice you won't get much blocking.
-
Using mutually inconsistent dns servers is a really bad idea tho in that it leads to hard-to-diagnose behavior.
- 1 more reply
New conversation -
-
-
Google (8.8.8.8) doesn’t need access to my DNS history.
-
They (or anyone else) can buy it from your ISP anyway. DNS is entirely in the clear. :-(
-
I’m at that obstinate point where I won’t make it easy on GOOG (esp when service is available elsewhere). Good point about DNS in the clear!
-
Running your own local recursive DNS is "best" but a big performance hit (no benefit of shared caching) vs 8.8.8.8.
-
ISP DNS used to be the way to go (fast, no GOOG), but nowadays they're all misconfigured, unreliable, NxDomain-hijacking, etc. - unusable.
-
So for average home users, until new private+secure DNS services emerge, 8.8.8.8 is really the only practical option. :-(
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.