At least 186 EU ISPs use deep-packet inspection to shape traffic, break net neutrality. Many of us already know we lost the battle for Net Neutrality. Behind the scenes, we’re working on integrating security and privacy into our internet traffic by default with upcoming technology such as Wi-Fi 6, WPA3, and quantum internet in the future. Those aren’t here yet...
Most of us don’t run a Virtual Private Server (VPN) on our TV, phone, computer or route our DNS through someone that isn’t our default (data-hoarding Internet Service Providers or Google). If you didn’t understand that last sentence, that’s okay!
I’ll Explain a Bit
We all use a DNS resolver when we go to any web page. If you type "duckduckgo.com" into your browser, it has to look up that name in the “phone book” of the internet and return an IP address.
220.127.116.11 or duckduckgo.com (both will take you there).
You just don’t see that happening. For a very long time, that traffic sending the host “duckduckgo” and your location information has been clear. Meaning, your ISP (Spectrum, AT&T, etc.) knows what you’re looking for. They are farming and collecting that information for their benefit.
Let's check your current DNS resolvers: https://www.dnsleaktest.com/. Do either a Standard test or Extended test. Which companies are collecting all the websites you visit? Do you trust them?
Cloudflare doesn't. They have been working on a free solution to offer everyone. They became a DNS resolver in order to provide a faster, private, and free service. Your DNS can be changed...for free! No one talks about it though. Cloudflare’s service is easier than going into your IPv4 settings on Windows and manually entering 18.104.22.168 and 22.214.171.124. You can do it right now if you know where to go. Done. But wait! Cloudflare’s application secures and protects that traffic, in addition to merely being a resolver!
From their website (https://126.96.36.199/):
Fast. Free. Private.
Your Internet service provider can see every site and app you use—even if they’re encrypted. Some providers even sell this data, or use it to target you with ads.
188.8.131.52 with Warp prevents anyone from snooping on you by encrypting more of the traffic leaving your phone.
We believe privacy is a right. We won't sell your data, ever.
Cloudflare’s speed versus other resolvers.
Now, let’s get to your desktop and laptop! Assuming you’re on Windows, there’s another (free) application you can download to do the same thing. Go ahead and download Simple DNSCrypt.
The setup (my current version is 2.0.22):
On the Main Menu, the green-highlighted sections are the most important. DNSSEC and DNS-over-HTTPS (DoH) the key here. DNSSEC verifies the website certificate you are connecting with (to make sure it’s not an imposter). DoH secures that process so that only you and the website know what’s going on. No one outside can see the interaction.
You can choose to only use servers without logging and filters. In this case, we’ll be choosing Cloudflare as the resolver (they take care of that). Otherwise, there’s an option to let this application choose from a pool of resolvers based on these preferences. Either one is fine.
On the Resolvers menu:
Choose the cloudflare options.
We’ll stop there. You can find more information on their website. Test it again after the change: https://www.dnsleaktest.com/. Windows might cache (remember) your previous settings. Either clear that (
ipconfig /flushdns) or give it some time to activate (maybe reboot).
This secures your privacy on multiple devices, because you deserve it. It’s your right. Protect yourself, your personal conversations, credit card numbers, passwords, and everything in between.
Many websites you visit already use HTTPS (the S means Secure); so a VPN isn’t entirely necessary once we apply DNS protection (if you use already use a VPN, keep using it).
If you’re interested in going further, I highly recommend setting your default search engine to https://duckduckgo.com/. Google already knows a lot about you.
Firefox has made many changes and improvements as well. If you’re using Internet Explorer or Edge, stop now. Go ahead and grab Firefox. If you’re using Chrome, you may want to consider the change.
Lastly (for now), don’t surf without an ad blocker and tracker blocker. uBlock Origin for Firefox makes the internet more bearable. Once you go from an ad blocker to no ad blocker, you wonder how you surfed without it. Privacy Badger will find extra trackers, there are many, and stop them. It freely allows you to turn them back on if something doesn’t work on the website.