the itjerk

my adventures with technology

Tag Archives: OpenDNS

dnscrypt

Domain Name Service (DNS) is the mechanism by where numeric IP addresses become readable domain names; it’s far easier for me to tell you to visit strawberrybricks.com than a bunch of numbers. When you browse the internet, then, the addresses you type or click on go through a DNS search. Typically, your ISP provides this service, or whomever you get your network connection from – however there is an implicit level of trust involved. Who’s to say that yahoo.com for example, is really yahoo.com? What is the DNS server spoofed the reply? Further, any DNS server can collect a wealth of information by recording your DNS requests. Finally, the speed of your browsing is dependent on how quickly these requests are filled.

Both Google (8.8.8.8) and OpenDNS (208.67.222.222) provide free DNS services that are fast and secure, and supposedly do not track your requests. A third service, Quad9 (9.9.9.9) was very recently launched. Your ISP has a lot of information about you. Switching your DNS to one of these providers is simple (just type them in your router, or network connection), and gives some degree of privacy. Every little bit helps?

DNSCrypt goes one further by encrypting all your DNS requests. It’s an easy enough program to install, available for PC, Mac and Linux, and for routers using DD-WRT. On my Ubuntu box, I needed to install libsodium-dev first, and then was most successful installing DNSCrypt-proxy from source by using the old “configure, make, make install” method with version 1.9.5. Then, you can run it with systemd automatically.

On the web:
DNSCrypt

dns, search engines and browsing

Secure browsing is much more than clearing your browser’s cache when done surfing. While Tor Browser isn’t for everyone, two quick and easy things I recommend are using DuckDuckGo as your default search engine and switching to either GoogleDNS or OpenDNS for your web browsing. And use a modern, up to date browser!

DuckDuckGo bills itself as “the search engine that doesn’t track you”, which is reason enough to switch. The search engine results are very good, but even better, the use of bangs (!) allows searches directly to thousands of sites, including encrypted to Google (g!). Plus, it’s easy to install as the default engine on your browser.

DNS servers help resolve domain names and their numeric ip addresses. Most ISP’s DNS is notorious for being spotty, and of course, not very private. Using either Google or OpenDNS’s can speed up your browsing, protect from DNS hijacking, and offer protection from phishing. There’s a lot more to using these services than I’ll write, but just entering them into your router is the place to start.

Remember, however, that browsing security also ends with one’s exit on the web. Subject for another time…

One the web:
DuckDuckGo
Google Public DNS
OpenDNS