Last December the Court of Milan ordered Cloudflare to block sites added to Italy’s Piracy Shield system. Cloudflare sees itself as a neutral intermediary but increasingly frustrated rightsholders say it should play a more active role by assisting their fight against piracy. A decision issued by the same court now requires Google to poison its Public DNS to prevent access to pirate sites. It was handed down on March 11 without Google being heard in the matter.
The solution to this is to self-host your own DNS server. This will also let you block ads network wide if you throw something like pihole in front of your DNS.
I have 8.8.8.8 and 8.8.4.4 in my resolver configuration. I’ve heard that 9.9.9.9 might not be poisoned like this. Besides running my own DNS (not even on a dare), is there a good way to get uncensored DNS resutls?
I am not sure if they are also being hit with orders. But Mullvad has some DNS options on their site. Doesn’t require having their VPN either. I personally use either the Ad-block or Base ones. Even helps prevent in-app ads from loading in some games. Here is the relevant part of their site with the list of their options:
Dnscrypt-proxy lets you select dns servers based on whether they filter traffic, keep logs, use DNSSEC, etc. You can also block specific providers, such as Google or Cloudflare.
I wish I was cloudflare so I could just say “no”
Like, what are you gonna do about it? We control the internet. Go ahead and try and sue us again but we can just turn off 70% of all websites if we wanted to.
The Italian national block list keeps causing lots of non-blocked sites from working at all. All because of Cloudflare being used by so many sites. It is basically an issue that is always in TorrentFreak’s news feed every other day or so. lol
Yeah true
Genuine question: is the performance up to par with Google or cloud flare or quad9? Been looking to move to a more privacy focused dns provider but obviously want to keep performance up too.
Try NextDNS. It was built by Netflix architects. Even at the bottom of the world I have found their ultralow network’s performance to be very good.
Google and cloudflare has the resources (and servers) for high uptime and speed. Youre going to have to make a trade off.
Definitely understand that. Was just curious how it was for folks.
I have no way of knowing. I think they’re the same imo
He who cares about privacy even a little bit and uses Google DNS servers doesn’t really care about privacy.
I know at least one person who said they use Googles DNS because it stopped them getting pissy letters from their ISP.
Some people only care about privacy to the point were they don’t see the immediate consequences for their actions.
Lol what? I’d be curious to know the amount of dns queries required for an ISP to complain about this. I’d think it would have to be massive. Also, unless it’s in their TOS, they wouldn’t really have to comply. The only downside is if they’re the only ISP for the user, which sucks and happens.
think the pissy letters were about what the user was accessing not how frequently.
How would changing dns servers change browsing habits?
huh? im very curious on how your thought processes lead you to that statement from my comments lol.
And a dnssec policy will solve that for you
There are ways to use public dns safely. Specifically by running AdGuard Home which filters domains, then forwards your request.
what are some good private dns services i can use that are not google? preferrably outside the us?
Quad9. Swiss based, dnssec available, has beaten blocking orders by Sony before.
They’re about as open as resolvers get, and they pretty much released everything they could when courts tried to interfere with them.
This article is basically referencing the same event as OPs article, but after Canal+ expanded the scope of their legal challenge.
Google does not automatically mean bad. It is dangerous precedent to blanket ban and remove nuance.
8.8.8.8 is an excellent service, and provides genuine privacy gains. The largest downside being that it is such a massive target for bad-faith and ignorant actors - like the Italian government.
Google does not automatically mean bad
Yes it does.
Google does everything with an angle, and that angle is putting you under surveillance and collecting monetizable data on you.
Google has (or had, maybe?) fantastic products. They’re truly great! The translator, the map, Youtube… But they’re great for exactly the purpose of luring you into using them, so they can abuse your privacy with them.
Google products are trojan horses: they’re irresistible but their true purpose is nefarious.
Like I said prior, there is nuance to be had here.
We agree that Google products are generally a honeypot (good products that lure you in), but which products are honeypots are important.
You very likely want to avoid Chrome, Gemini, and Google Search - but 8.8.8.8 is not a honeypot, it is a loss-leader. You will be lured in from 8.8.8.8 if you say “huh. this is a great service. is there anymore?”, but 8.8.8.8 itself is not a malignant service.
Their EULA states that they log all traffic (originating IP, requested url, and destination IP). for “business purposes” (at least, the last time I read it). Seems like a honeypot to me…
I’ll leave the privacy policy here and let people decide for themselves.
They keep two types of logs. An identifiable one which is deleted in 24-48 hours (dns0 and quad9 also do this) and an anonymized one. There is no mention of “business partners”; and it also says explicitly that the information is not used to target ads.
As the privacy policy and service reads, it is not a honeypot. However, Google generally does not act in good faith, so there’s no telling if they have 100% adhered to the policy.
No matter, to make calculated and informed decisions, we should have all the facts in order.
The Pirate community should just abandon DNS altogether and use IP addresses…most of us are savvy enough we don’t need that Pablum anyway 🏴☠️
No we should all migrate to I2P instead.
I2P
That’s pretty cool sounding :)
I was going to comment basically the same thing! Going to need more sites list IP addresses along side their mirrors on whichever sites/chats that they provide them currently.
Tor itself has a pretty good routing scheme that seems like it could replace DNS entirely. There are obvious (but surmountable) UX issues and there may be scalability issues - but it is 100% worth investigating.
The same is true for I2P
FMHY should just distribute an updated HOSTS file, lol 🏴☠️
That’s basically what dns is
Or something like OpenNic.
From an expat, congrats to Italy for being at the forefront of digital stupidity y (along with Spain).
