Firefox & OpenDNS vs Chrome and Google DNS

opethdisciple · 1 Oct 2017 at 18:37

Been a happy user of Chrome and Google DNS for the last few years.

But how much is Chrome and Google services actually spying on us/me?

I used to be an avid Firefox user but switched to Chrome a few years ago as I got fed up with Firefox's performance issues.

I am getting tempted to switch back to Firefox again. I work in the word of Linux so going back Open Source is obviously 'cool'. Firefox or rather Mozilla don't spy on you in the way that Chrome/Google does.

But what about DNS? Is using Open DNS now owned by Cisco any better for surveillance than Google DNS?

PiKe · 1 Oct 2017 at 18:49

If you're that paranoid, you should be using a VPN anyway.

lsg1r · 2 Oct 2017 at 23:53

There are also other options for dns servers...https://dns.watch/ for example

no_1_dave · 3 Oct 2017 at 10:25

opethdisciple said:
Been a happy user of Chrome and Google DNS for the last few years.

But how much is Chrome and Google services actually spying on us/me?

I used to be an avid Firefox user but switched to Chrome a few years ago as I got fed up with Firefox's performance issues.

I am getting tempted to switch back to Firefox again. I work in the word of Linux so going back Open Source is obviously 'cool'. Firefox or rather Mozilla don't spy on you in the way that Chrome/Google does.

But what about DNS? Is using Open DNS now owned by Cisco any better for surveillance than Google DNS?

Unless you're a terrorist or working with highly confidential documents etc I don't see the point in worrying about what usage data they collect.
Ask yourself why a multi-billion dollar company would care what you do with your internet and why they would single out your usage from a pool of hundreds of millions of users. Then decide on the quickest and easiest solution.

Cromulent · 4 Oct 2017 at 02:05

opethdisciple said:
Been a happy user of Chrome and Google DNS for the last few years.

But how much is Chrome and Google services actually spying on us/me?

I used to be an avid Firefox user but switched to Chrome a few years ago as I got fed up with Firefox's performance issues.

I am getting tempted to switch back to Firefox again. I work in the word of Linux so going back Open Source is obviously 'cool'. Firefox or rather Mozilla don't spy on you in the way that Chrome/Google does.

But what about DNS? Is using Open DNS now owned by Cisco any better for surveillance than Google DNS?

If you are ultra paranoid. Rent two $5 a month Linode VPS' and run your own DNS servers. Then switch your local network to use them. Even better run OpenVPN on one the VPS' and then you'll have a totally private VPN as well as totally private DNS as well. All for $10 a month which you can use with as many computers as you like.

Edit: Does require knowledge of running your own Linux servers.

marc2003 · 4 Oct 2017 at 07:48

I don't think you have any idea how useless DNS info is to anyone. Open a developer console to show the network requests performed on this very page you're looking at. You'll see requests going to facebook, twitter and google and because it's only domain names, the DNS provider has no idea whether you're actually visiting the site or are using a website that loads resources from them. You may hate facebook and twitter and never ever visit them but looking at your DNS requests, no one is ever going to know that.

Now repeat the above on busier webpages and you'll realise how ridiculous all this is.

jpaul · 4 Oct 2017 at 08:28

I think op needs to read a primer on dns role eg http://www.ques10.com/p/10610/what-is-the-role-of-domain-name-server-explain-w-1/
since, as said, although google could record the dns requests you make (did this person/IPaddress access overclockers.co.uk today) compared to value of data they can recover, more easily from your chrome browser, it is probably much less interesting. (eg what did you search for)

marc2003 said:
You'll see requests going to facebook, twitter and google

agree; as well, like many, you can block those in FF with the likes of noscript or the the hosts file - so the op could consider that.

Steveocee · 4 Oct 2017 at 12:56

I straddle Chrome (windows machine), Firefox (both machines) and Chromium (Ubuntu machine) and can't say I can notice any difference in speed. Just because you use chrome doesn't mean you need to use google DNS though. Ideally you want the fastest responding DNS server tied with your preferential choice of browser. I wouldn't get too caught up in big companies harvesting your DNS queries.

I tend to use the ISP DNS as they are undoubtedly fastest responding and I know for a fact they don't do anything with the data;

Code:

ISP avg 3.6
Google avg 12.5
OpenDNS avg 23.4

Cromulent · 10 Oct 2017 at 12:34

marc2003 said:
I don't think you have any idea how useless DNS info is to anyone. Open a developer console to show the network requests performed on this very page you're looking at. You'll see requests going to facebook, twitter and google and because it's only domain names, the DNS provider has no idea whether you're actually visiting the site or are using a website that loads resources from them. You may hate facebook and twitter and never ever visit them but looking at your DNS requests, no one is ever going to know that.

Now repeat the above on busier webpages and you'll realise how ridiculous all this is.

It is pretty easy to tell if a DNS request for Facebook is made via you visiting Facebook directly or whether a website you have visited is just loading Facebook resources.

If you make a DNS request to Overclockers.co.uk and then 10ms later you make a DNS request to Facebook it is pretty obvious that it is loading resources from Facebook on another website because no human could make two DNS requests in 10ms. Google know all of this and probably run a fair few algorithms over the data to track internet usage of the people who use Google DNS.

Rainmaker · 15 Oct 2017 at 20:35

Steveocee said:
I tend to use the ISP DNS as they are undoubtedly fastest responding and I know for a fact they don't do anything with the data;

Code:

ISP avg 3.6 Google avg 12.5 OpenDNS avg 23.4

Local DNS (unbound) running on pfSense avg 0.1ms.

jpaul · 15 Oct 2017 at 21:15

doesn't it do one look up and cache the result for a time period ?

Rainmaker · 15 Oct 2017 at 21:46

jpaul said:
doesn't it do one look up and cache the result for a time period ?

Yeah, just the same way Google DNS, OpenDNS, DNS Watch and every other DNS on the planet does. The difference being the cache is on your LAN, so not only do you have authoritative DNSSEC enabled DNS but you don't have to go outside your network every time you want to request a web page. You also control any logging of your DNS queries, and won't attempt to poison or subvert your own queries with ads, censorship etc as you're querying TLD root servers directly. Win. While public DNS will have a larger cache due to the many users (obviously), due to the local nature of running your own even uncached entries are faster than, or just as fast as, going to a third party and requesting them... and then you've cached them anyway for next time.

Steveocee · 16 Oct 2017 at 13:13

Rainmaker said:
Local DNS (unbound) running on pfSense avg 0.1ms.

How far is the hop though if you resolve a new host name from your local to a remote DNS? I have my router cache for my static LAN stuff from the ISP and then DHCP hands out my ISP servers to it's clients so as not to load the local up too much. I want speed not control lol.

opethdisciple · 23 Oct 2017 at 23:06

There is one important advantage to using Google DNS. Especially in light of this KRACK vulnerability and security/snooping in general.

That is it implements DNSSEC. Which is not universal yet across the industry.

Article one, article two.

The only funny thing is, it's Google then doing the snooping on you.

Pawnless Endgame · 23 Oct 2017 at 23:57

Firefox + Pi Hole :-)

Wrinkly · 25 Oct 2017 at 04:42

I don't remember what I did today. I do remember that Owl logo on the BBC computers all these years ago though