Your computers, phones, and other devices typically use the Domain Name System (DNS) server that your router is configured with.
Unfortunately, this is often the one provided by your Internet Service Provider (ISP). These servers have no privacy features and may also be slower than some alternatives.
DNS is not private (without DoH)
DNS was designed almost 40 years ago and has not evolved much since. It is completely unencrypted.
This means that it offers the same level of protection against prying eyes as unencrypted HTTP traffic, which is not secure at all.
Even if you use HTTPS, any third party in the middle of your traffic can see the sites you connect to (but not the content of your visit). For example, on a public Wi-Fi network, the operator of the network could track the sites you visit.
The solution to this problem is DNS over HTTPS (DoH). This new protocol simply encrypts the contents of a DNS query, so that third parties cannot sniff it. The main DNS providers, such as Cloudflare, OpenDNS, and Google Public DNS, already support it. However, Chrome and Firefox are still in the process of rolling it out.
In addition to the privacy improvements, DoH prevents DNS queries from being tampered with in transit. It is simply a safer protocol, and everyone should use it.
However, even if you enable DoH in your browser, it is up to your DNS provider to implement it.
Most home network connections are set by default to use your ISP's DNS servers, which probably do not support DoH. If you have not changed it manually, this is probably the case with your browser and operating system.
However, there are some exceptions. In the US, Mozilla Firefox automatically activates DNS over HTTPS and uses Cloudflare's DNS servers. Comcast's DNS servers support DoH and work with Google Chrome and Microsoft Edge.
Generally, though, the only way to really get DoH is to use a different DNS service.
Your ISP can record your browsing history
If you are at all interested in internet privacy, using your ISP's DNS server can be a huge problem. Each request you send can be recorded and tells your ISP which sites you are browsing, down to hostnames and subdomains. Browsing history like this is the kind of valuable data from which many companies make huge profits.
Many ISPs, including Comcast, claim that they do not record their customers' data. However, Comcast has actively lobbied against DoH. Even though US ISPs say they are not collecting data, laws and regulations in other countries vary, so it is up to you whether to trust your ISP.
It is worth noting that Comcast has now adopted DoH, but this does not protect your privacy if the company itself receives your DNS queries. DoH secures the connection between you and the DNS provider, but in this case Comcast is the DNS provider and can therefore still see the queries.
Of course, DNS is not the only way ISPs can monitor you. They can also see the IP addresses you are connecting to, regardless of the DNS server you use. They can gather a lot of information about your browsing habits this way. Changing DNS servers will not prevent your ISP from monitoring you, but it will make it a little more difficult.
Using a virtual private network (VPN) for your daily browsing is the only real way to prevent your ISP from seeing what you are connecting to on the internet.
Third-party DNS servers may be faster
In addition to the privacy concerns, DNS services provided by ISPs may be slower than Google or Cloudflare. This is not always the case, as your ISP will generally be closer to you than a third party, but many people get faster speeds with a third-party DNS server. Usually, it is only a millisecond difference, something you may not be very interested in.
Which public DNS server should you use?
If you trust Google less than your ISP, you can also use Cloudflare's DNS, which claims to be faster. The main address is 22.214.171.124, with alternative 126.96.36.199.
How to change DNS settings
To get started, type 192.168.1.1 or 10.0.0.1 into your browser to connect to your router.
The exact location of the DNS setting varies depending on the router you have. However, it should be somewhere in the network settings.
For example, on the following router, it is located under My Network > Network Connections > Broadband > Edit. Once there, you can manually change the address and replace the servers automatically assigned by your ISP.
If you have trouble finding it, just do a Google search for your router model to find out where this setting is.
If you cannot change the DNS settings on the router (for example, you are somewhere where you do not control the Wi-Fi), you can change the settings on your specific device. We'll show you how to change these settings on your Mac and Windows PC.
On a Windows machine, open Control Panel from the Start menu, and then go to Network and Sharing Center. In the sidebar, click "Change adapter settings".
You should see a list of your network devices, both Ethernet and Wi-Fi. If you want to change the settings for both, you will need to repeat the following instructions for each device.
Right-click on the first device for which you want to change the DNS settings and then click Properties.
Select "Internet Protocol Version 4" from the list.
On a Mac, you'll find this option in "System Preferences" in the "Network" section. Click on "Wi-Fi" or "Ethernet" and then click on "Advanced" at the bottom of the menu.
How to enable DNS over HTTPS (DoH)
If you want to enable DoH in your browser, you can do so in Chrome, Firefox, and Microsoft Edge.
In Chrome, go to the internal address chrome://flags/#dns-over-https, then select "On" from the drop-down menu. Restart Chrome for the changes to take effect.
In Firefox, the option is a bit hidden. Open the menu and go to Options > General. Scroll down and click on "Settings" at the bottom. Select the check box next to "Enable DNS over HTTPS". You can also choose a DNS provider manually here if you prefer.