Surveillance of the internet for UK

platinum87 said:
Using that test for plusnet it shows only google servers as i am using 4.4.4.4

Are you saying they plusnet don't know i am going to overclockers, as i would have only accessed it through this computer?
Click to expand...

Should've mentioned this earlier, that test also isn't 100% accurate for determining a transparent DNS proxy because, based on your ISP's configuration, this may be easy or near impossible to detect.

With regard to keeping your logs, you have to trust what your ISP's policy says and their "intrepretation" of those requirements.
 
^^ I just picked the first one, its been like 4 years since i set it :)..

I am using google's DNS because a particular website is blocked, or i should say its not blocked but that they have simply edited their DNS to redirect to another site saying its blocked.

I assumed this is the lazy, let me edit one line approach. However i am being led to believe if they are not using a transparent DNS proxy they can not see what websites i go on? Surely that cannot be true?
 
platinum87 said:
^^ I just picked the first one, its been like 4 years since i set it :)..

I am using google's DNS because a particular website is blocked, or i should say its not blocked but that they have simply edited their DNS to redirect to another site saying its blocked.

I assumed this is the lazy, let me edit one line approach. However i am being led to believe if they are not using a transparent DNS proxy they can not see what websites i go on? Surely that cannot be true?
Click to expand...
Your question has a double negative in so I'll avoid replying yes/no in case I get it wrong, lol -

The only thing you are protecting yourself from is your ISP knowing what domain names you tried to access. They will of course still see the target IP. They can then do a reverse DNS look-up and find out the hostname (if they don't have this logged already) but it is slightly more complex than just being handed the data on a plate.

The Google ones are interesting as almost certainly it is to track your behaviour outside of Google websites.
 
dLockers said:
Your question has a double negative in so I'll avoid replying yes/no in case I get it wrong, lol -

The only thing you are protecting yourself from is your ISP knowing what domain names you tried to access. They will of course still see the target IP. They can then do a reverse DNS look-up and find out the hostname (if they don't have this logged already) but it is slightly more complex than just being handed the data on a plate.

The Google ones are interesting as almost certainly it is to track your behaviour outside of Google websites.
Click to expand...

Ok.. so how does changing DNS give you any privacy whatsoever? @jokerguv

But people should keep in mind, the threat is not google or facebook, but the government. Those companies answer to shareholders. The government answers to populist sentiment.
 
platinum87 said:
Ok.. so how does changing DNS give you any privacy whatsoever? @jokerguv

But people should keep in mind, the threat is not google or facebook, but the government. Those companies answer to shareholders. The government answers to populist sentiment.
Click to expand...
Security is famously all about Defense in Depth. If you can protect your DNS requests, it is one more layer of security. It also good to chose something that doesn't redirect you to someone elses opinion of what you should be seeing (Virgin takes you to ads for example).

Your final sentence is all a bit tinfoil hat, but whatever keeps you motivated.
 
platinum87 said:
Ok.. so how does changing DNS give you any privacy whatsoever? @jokerguv

But people should keep in mind, the threat is not google or facebook, but the government. Those companies answer to shareholders. The government answers to populist sentiment.
Click to expand...

This depends on your environment. Your ISP may or may not have mechanisms in place to intercept all DNS requests.

But still, going with a reputable DNS resolver is a step towards improved privacy but certainly isn't the end-all be-all solution.

There's a good article on DNS privacy here: Introduction to DNS Privacy | Internet Society

I'm posting the conclusion because I think that gets through the gist of it:

"Most of the recent work on DNS privacy is associated with the ability of users to override the default recursive resolver provided by the local ISP, with a (typically public) privacy-enhanced recursive resolver, that provides privacy for the DNS transactions between the stub resolver and the recursive resolver. Depending on the specific threat model that applies to each user, use of third-party recursive resolvers via encrypted traffic may (or may not) help improve user privacy.

In addition to these considerations, it should be stressed that many protocols leak information that may endanger user privacy. For instance, the Server Name Identification (SNI) TLS extension includes the web server name being visited in plain-text, and leaks information about visited web sites even when employing HTTPS.

The mechanisms described in this document should be seen as ways to improve, in specific scenarios, certain aspects of network privacy, but not as replacements for other privacy mechanisms such as Virtual Private Networks (VPNs) or implementations of Onion routing such as that in the Tor software [TOR]."
 
dLockers said:
Your final sentence is all a bit tinfoil hat, but whatever keeps you motivated.
Click to expand...

Its nowhere near tinfoil hat, google et al cannot pass laws, the government can.

I mean this entire thread is about the government forcing companies to conduct surveillance, by passing legislation.
 
You must log in or register to reply here.
Back
Top Bottom