Category Archives: Privacy

NextDNS is officially launching their private and secure DNS service

NextDNS Inc has announced today they are soft launching their private and secure DNS service globally. What is so special about NextDNS is that it’s not an ordinary DNS service. Sure, at its very core, it’s the same thing as Cloudflare DNS or OpenDNS. What separates it from the rest is their Anycast array of their own servers that are in charge for routing of traffic to nearest location, making them about as fast as Cloudflare.

What separates NextDNS from the rest

What really sets NextDNS apart is their extensive security and privacy feature set. When using NextDNS as public resolver, it logs nothing. It’s just a domain name resolver and that’s that. However, if you create an account, you can also make NextDNS filter traffic for you on multiple fronts, from security where it blocks phishing and malware to more privacy oriented wide selection of popular block lists like EasyList and EasyPrivacy for ads and trackers to manual block and whitelists to blocking of services, blocking of native trackers in common devices and operating systems, extensive configurable logs, statistics page as well as security/privacy settings where you can actually define where you want your DNS account logs stored when you opt for having logs. For now it can be USA, EU or Switzerland specifically. And if you want to keep logs, you can specify for how long and you can also filter things on a deeper level by only hiding IP’s in the DNS queries or even domains.

Wide support on various types of devices

Another amazing thing about NextDNS is native support for almost any type of device. Be it Android or iOS smartphone, Windows PC, Linux, Mac, browsers or even routers. Yeah, you can install NextDNS client directly on a supported router like ASUSWRT-Merlin powered routers and it’ll filter EVERYTHING that connects through that router. It’s freaking amazing service. I’ve been using it since quite early BETA and it has been amazing. It’s really not just a DNS service, it’s a full security suite where you can exactly control your privacy and security of all devices from mobile device to desktop PC or Android TV media device. Of course within limitations of DNS service. For more precise filtering you still need to use something like uBlock which actually combs through webpage code and filters out tracking junk, but it’s still doing pretty damn good job.

Pricing

As far as pricing goes, regular DNS or DNS with DoT/DoH is entirely free and costs nothing to use just like any other public DNS. However, running extensive block/filter lists is only free for 300.000 queries and then it switches back to regular DNS without filtering if you get past this limit. If you want to use it for unlimited amount of queries, it’ll cost you 1.99€ a month or 19.90€ a year, giving you some discount.

Homepage: https://nextdns.io

Changelog: https://headwayapp.co/nextdns-changelog

RSS: https://headwayapp.co/nextdns-changelog/rss

NextDNS on Reddit: https://www.reddit.com/r/nextdns

My verdict on NextDNS

I’ve been using NextDNS for several months and even though there were few tiny issues, it was rock solid and reliable even during BETA. And what I like NextDNS the most is tracking protection. The amount of garbage devices want to send around that can and most probably does compromise your privacy, NextDNS blocks it at the “entry” point. Almost all communication outside of direct IP communication uses DNS resolving to convert fancy names into ugly numbers. And with their filter lists, you can keep a hand over excessive communication. An if none of the lists block what you want to block, you can do it manually. I run it on all my devices and it’s doing amazing job filtering all the garbage. There are bunch of apps for smartphones that cost as much as NextDNS for a single device. Here, you can basically control traffic of ALL your devices for 20€ a year. I think it’s quite worth it. Give it a try. It’s free for 300.000 queries a month which is quite a lot so in most cases even free plan should be enough to get through the month for most users.

As far as filter lists go, I highly recommend only using the following:

  • All 3 “Disconnect” lists (very lite, only block most common trackers)
  • LightSwitch05 (super extensive filter list that makes use of other lists pretty much obsolete)

I was really amazed by the performance of Lightswitch05 list. It blocks huge amounts of internet manure while causing pretty much no false positives. And its maintainer is really cool too, adding or fixing things really fast. There are tons of lists, but I wasn’t impressed by them, especially not by default NextDNS Recommended list. Just too many problems with a lot of lists where above ones work pretty much flawlessly.

Outrage over Zoom app user tracking, what about all the other apps?

Everyone is being outraged over Zoom app tracking users and sending data to Facebook right now. And I’m siting here scratching my head like, guys, this is not a new thing. ALL the apps you use, whether on Android or iOS are absolutely riddled with this tracking garbage.

Google Analytics, Crashlytics (also from Google), App Measurement (also Google), Branch Metrics, AppsFlyer, Facebook Graph, Facebook Connect and that’s just what I can read from the top of my blocking logs that were running for few days.

Here is an example of my blocking logs only for my Apple mobile device…

MobileAppsBlocking.png

From 22nd March 2020! That’s just 6 days worth of logs and Facebook Graph is actually the most lenient. I only have few ten entries that didn’t even make to the Top Blocked domains list. But it’s there even though I don’t use Facebook AT ALL.

Crashlytics and App Measurement are both among top offenders. I don’t use anything from Google. Literally NOTHING from Google. And yet there it is, pinging whatever crap back to Google. Or at least trying since I have it blocked. Something apps never mentioned at any point or something I never signed up for. And it’s just there, tracking me.

It’s actually really weird how Apple keeps on talking about privacy this and privacy that, constantly obsesses over how apps operate on their App Store yet they don’t seem to care about all this tracking and telemetry junk in pretty much all apps that users can’t really obviously control or even know about. Zoom was a problem on App Store and iOS and Apple only dealt with it in THIS particular case. What about all the others? This needs to be addressed and users need a clear control over this. Preferably on a device system level like blocking apps below do, because my trust in app makers to honor it is somewhere between 0 and ZERO.

Current solution?

Until vendors like Apple does anything about this globally on all apps, there are few options that you can use to prevent all this garbage to leak data about you to big corporations…

Blokada (Android)

Disconnect Privacy Pro (iOS)

NextDNS (Android & iOS)

Basically all these work as virtual VPN on the device so it intercepts traffic on a local level and not like VPN’s usually work, allowing them to filter all this tracking and analytics junk.

So, until Apple starts giving a damn (I have no hopes for Google to kill their own garbage on Android) and controls this, use the above apps and solve it yourself to at least some extent. You’ll save battery and also data. Not to mention privacy. I know it’s not “save it all” approach, but you have to start somewhere and this is a good start.

Big tech owned companies and subsidiaries

I’ve been writing about privacy a lot and since I’ve been dropping data hoarding big tech services, I’ve decided to compile a list of companies owned by Google, Facebook and the likes that are marketed under entirely different name, but essentially operated by these big tech corporations, so people who want to avoid these companies as much as possible can do so without much effort or guessing.

The list generally won’t contain every single company they own, I’m in particularly interested in companies and services that are widely used by people, but aren’t aware they are owned by said big tech. For example, Onavo has been quietly marketed as independent company while it was already owned by Facebook for years at that point. Or my recent discovery that Crashlytics is owned by Google, which is used by many 3rd party services and apps and people don’t really know it’s feeding data to Google.

Google

  • AdMob
  • AllPay
  • Crashlytics
  • DoubleClick
  • Orkut / Hello Network
  • reCAPTCHA
  • Waze
  • Widevine (DRM used by Netflix)

Facebook

  • Instagram
  • Oculus VR
  • Onavo
  • WhatsApp

Twitter

  • MoPub
  • Periscope

Microsoft

  • GitHub
  • LinkedIn

Amazon

  • Twitch.tv

 

To further expand this list, I would like to ask you the readers to supply me with further info down below in the comments section and I’ll update the list to keep it as up to date and extensive as possible.