Your browsing activities can be tracked and used by different companies by logging the DNS servers. Learn what a DNS is and why you should use no logs DNS servers.
What is a DNS server?
A DNS (Domain Name Server) is a computer/server that translates hostnames to their associated IP addresses. Thus, when you type in a URL in the address bar of your browser, the browser queries a DNS server to get the IP address associated with the hostname/domain you entered. Next, the browser contacts the webserver located to the IP address and starts to download the required content.
When you get your Internet connection installed on your computer you also get a DNS server set up, one of your ISP (Internet Service Provider). Otherwise, you would not be able to access any web page by entering a URL in your browser. Thus, most of the people get their DNS service from their ISP.
What is DNS logging?
Every time you use a DNS, the server may record your IP address, the domain name you looked up, the current time, and the name of your ISP.
Unfortunately, almost all DNS servers keep logs, meaning that they store the DNS requests received for a period. Thus, someone could take a look at the DNS log records and find out your browsing habits and history. Yes, this is possible!
What do ISPs do with these logs? Officially, they use them to prevent abuses (spam, illegal downloads, etc.), but they may also sell the aggregated info to advertising companies or other companies interested in such data. Just an example of DNS logging: some years ago, AT&T was exposed to dredging DNS records and selling the results to would-be advertisers.
What are the alternatives to DNS servers provided by ISPs?
The default DNS provided by your ISP can be overridden and you may manually set up the DNS server to be used by your computer. You may choose the DNS you want from the public and free DNS servers.
Some of the most popular public DNS servers are those provided by Google (22.214.171.124 and, the alternate DNS, 126.96.36.199) and OpenDNS (DNS server IPs: 188.8.131.52 and 184.108.40.206). Both are free in the sense that they do not charge you for the usage, but they keep logs and use them for advertising, re-marketing, profiling, etc.
Here is what the admin of UncensoredDNS (one of the free and public DNS services that do not keep logs) has to say about Google DNS and OpenDNS:
I dislike any form of abuse of the DNS system, and OpenDNS’ entire business model is to manipulate DNS. They used to do NXDOMAIN redirection, an advertising trick where misspelled domains get redirected to a search page. Now they make a living blocking malware and other things in DNS. Google runs a decent DNS service but I don’t think it is a good idea to give them all DNS lookups in addition to all the other data they have on everyone.
What to do? Go for no logs DNS servers.
A no-log DNS server does not keep any lookup requests. How can we be sure that a DNS server does not keep logs? We can’t. It is all based on reputation. The list of no logs DNS servers that I propose on this post relies on what the server owners declare and on their Internet reputation. It is not a guarantee, but it is probably better than using Google DNS or your ISP DNS.
FreeDNS is an open, free, public, and unrestricted DNS server. The admins claim that no logs are kept.
UncensoredDNS (formerly censurfridns.dk) servers are uncensored and operated by a privately funded individual.
The DNS servers are 220.127.116.11, anycast from multiple locations, and 18.104.22.168, physically located in Copenhagen, Denmark. IPv6 versions of their two DNS servers are also available at 2001:67c:28a4:: and 2a01:3a0:53:53::, respectively.
Another no-log DNS service is DNS.WATCH. The admins state that they have “no interest in logging DNS queries. That’s why all our resolvers are set up not to log queries.” An essential advantage of DNS.WATCH servers are that they are DNSSEC enabled.
Should I use no logs DNS servers?
If you are concerned about your privacy and anonymity, if you don’t want to be the subject of ad targeting and profiling, if you don’t want to have your DNS lookups manipulated in any way, if you are a regular user of VPN and proxy, then YES!
Do you use free and public DNS servers? Let us know your thoughts in the comments below.