I understand setting your DNS to cloudfare helps staying anonymous out there. So if someone sets a Pi Hole linked to Cloudfare does it cover one’s tracks? Together with a VPN.

  • JoeKrogan@lemmy.world
    link
    fedilink
    English
    arrow-up
    22
    arrow-down
    1
    ·
    1 year ago

    DNS is not anonymous. its basically like a phone book, you lookup the name and it gives you a number. That’s it. Your ISP may refuse to give you the number (IP) for a name (address) but thats it. PiHole just gives a local IP for ad domains and gets its requests from other dns servers and caches them locally for a time.

    See here for a list of dns providers

    https://adguard-dns.io/kb/general/dns-providers/

    • tuxprint@lemmy.tuxprint.com
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Pihole + unbound is a great setup. Screw trusting cloudflare or google or whoever with all of your dns queries, be your own dns resolver!

  • NameTaken@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    I think the best you can do is use pihole with unbound so all dns requests go directly to root servers so no middle man involved. If you have a raspberry pi and use dietpi it is very easy to setup.

    • morras
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Best advice. Set your own dns resolver, it’s easy.

      • JaddedFauceet@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Do you expose your DNS server to the public? If not how do you use it outside of the network? Like on mobile

        • morras
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I don’t expose my dns, because I don’t bother. I’m using Android phone, so I accept my phone is not private.

          But a VPN could be a solution to get in touch with your dns.

  • ZytaZiouZ@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    1 year ago

    Disclaimer: I am no expert by any means.

    With that being said, as others have said, a DNS is like a phone book. By using PiHole with it going to a privacy respecting DNS service, you in theory eliminate being tracked by a DNS provider, but you do nothing to prevent your isp from tracking which ip addresses you access, and you do nothing to prevent search engines tracking which results you click on, you do nothing to prevent your web browser from tracking your browsing (especially on Chrome and Edge).

    In summary:

    DNS lookups: yes

    ISP with IP addresses: no you would need a GOOD VPN or TOR and either one properly configured

    Web browser: no, you need at least Firefox with data collection turned off, preferably with something like ublock installed.

    Search engine: no, requires more research but supposedly duckduckgo and eccosia are privacy respecting *citation required

  • Lee Duna@lemmy.nz
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Not sure about pi-hole, but with dnscrypt-proxy on rooted android. You can anonymize dns queries via relay dns

  • Monkey With A Shell@lemmy.socdojo.com
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    1 year ago

    Having a couple chained together muddies the results enough that unless you’re accessing things that you’re REALLY not supposed to won’t bother to track back. DNS is a ‘ask the next guy’ type of ordeal with some along the way caching the responses they’ve received for whatevr length of time the TTL is set on a record. Technically you could set a DNS server to cache things infefinatly and never querry a public server again past the first call but it would quickly be full of outdated records that point you to the wrong destination.