WHEN YOU CONNECT to a VPN, as well as proxying your traffic and setting the corresponding updates to your routing table, it may also provide you with different DNS settings. On paper, this was a reasonable idea. Traditional DNS requests (for example, where a website is resolved to 172.31.5.172) are transmitted in the clear, so even if the operator of a DNS server (typically one's ISP) doesn't know the web page a client is looking at, they at least are aware of the server it's on. This is known as DNS leakage. You may use another DNS server (such as Cloudflare's easy-to-remember 1.1.1.1 public offering), but again this is only viable if you trust that operator more than your ISP.
ISPs may also block certain domains at the DNS level, so for a time using someone else's DNS server was seen as a free and easy way around this by nefarious pirates, whose activities we do not condone. Many ISPs are aware of this, and many have taken the rather heavy-handed measure of performing DNS interception. Remember, we said DNS went over in the clear? Well, that makes it woefully easy for your ISP to just reroute those port 53 requests back to their DNS.
So VPNs now market themselves as providing DNS-leak resistant technology. Indeed, some offer an even more budget-friendly “DNS-only" option. The mechanics of this are straightforward: just tunnel DNS requests as well as (or instead of) other traffic. Again, this is just moving the problem of trusting the ISP upstream, to trusting the VPN operator.
While we may have no real problem with our government blocking torrent and streaming sites, or with ISPs voluntarily blocking child pornography sites, the same techniques are used by the brutal and antidemocratic regimes of the world to repress dissidents, activists and journalists. And that we cannot condone. One technical approach is to switch from classical DNS to DNS-over-HTTPS (DOH).
Denne historien er fra May 2022-utgaven av Maximum PC.
Start din 7-dagers gratis prøveperiode på Magzter GOLD for å få tilgang til tusenvis av utvalgte premiumhistorier og 9000+ magasiner og aviser.
Allerede abonnent ? Logg på
Denne historien er fra May 2022-utgaven av Maximum PC.
Start din 7-dagers gratis prøveperiode på Magzter GOLD for å få tilgang til tusenvis av utvalgte premiumhistorier og 9000+ magasiner og aviser.
Allerede abonnent? Logg på
NZXT C1500 Platinum
Top-tier performance and efficiency
Nvidia DLSS vs AMD FSR
Which AI upscaling technique has the edge?
World of Goo 2
Goo-d enough for two
BenQ X300G 4K Short Throw Projector
Priced high, yet punchy
Hyte Thicc Q60
Almost more mobile phone than CPU cooler
Remove stalkerware from your PC
ACCORDING TO KASPERSKY’S LATEST ‘State of Stalkerware’ report, over 40 percent of those surveyed worldwide said they’d experienced stalking or suspected that they were being stalked.
BUILD AN IT SUPPORT HUB
Discover how to use RustDesk to provide remote assistance and control your own devices remotely with Nick Peers
AMD's turn to drop the ball?
WITH INTEL'S RAPTOR LAKE CPUs falling over, the company firing around 15,000 employees, and cancelling its 2024 innovation event, AMD must have been enjoying the view - until its new Ryzen 9000 desktop CPUs rolled out. So, is AMD's CPU a minor stumble or game-changing fumble?
Intel issues fix for Raptor Lake degradation
EARLIER THIS YEAR, I wrote about difficulties I was having with a Core 19-13900K processor (see MPC230 Tech Talk). Little did we realize that we were only seeing the tip of the iceberg. While most complaints have involved the unlocked Core i9 Raptor Lake CPUs, it appears the instability problems build up and potentially impact many Raptor Lake-13th and 14th Gen Core CPUs, with Intel identifying 22 different desktop parts.
AMD Ryzen 7 9700X
The new Zen 5 CPUs are here—time to benchmark!
