WHEN YOU CONNECT to a VPN, as well as proxying your traffic and setting the corresponding updates to your routing table, it may also provide you with different DNS settings. On paper, this was a reasonable idea. Traditional DNS requests (for example, where a website is resolved to 172.31.5.172) are transmitted in the clear, so even if the operator of a DNS server (typically one's ISP) doesn't know the web page a client is looking at, they at least are aware of the server it's on. This is known as DNS leakage. You may use another DNS server (such as Cloudflare's easy-to-remember 1.1.1.1 public offering), but again this is only viable if you trust that operator more than your ISP.
ISPs may also block certain domains at the DNS level, so for a time using someone else's DNS server was seen as a free and easy way around this by nefarious pirates, whose activities we do not condone. Many ISPs are aware of this, and many have taken the rather heavy-handed measure of performing DNS interception. Remember, we said DNS went over in the clear? Well, that makes it woefully easy for your ISP to just reroute those port 53 requests back to their DNS.
So VPNs now market themselves as providing DNS-leak resistant technology. Indeed, some offer an even more budget-friendly “DNS-only" option. The mechanics of this are straightforward: just tunnel DNS requests as well as (or instead of) other traffic. Again, this is just moving the problem of trusting the ISP upstream, to trusting the VPN operator.
While we may have no real problem with our government blocking torrent and streaming sites, or with ISPs voluntarily blocking child pornography sites, the same techniques are used by the brutal and antidemocratic regimes of the world to repress dissidents, activists and journalists. And that we cannot condone. One technical approach is to switch from classical DNS to DNS-over-HTTPS (DOH).
This story is from the May 2022 edition of Maximum PC.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.
Already a subscriber ? Sign In
This story is from the May 2022 edition of Maximum PC.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.
Already a subscriber? Sign In
Google Gemini vs. ChatGPT
Which LLM currently holds the crown?
Frostpunk 2
Endure a blizzard of tough choices and lasting consequences in the survival city builder sequel
Elgato Facecam Neo
Always sees us in the best light but lacks focus: 8/10 boyfriend, er, camera
Elgato Wave Neo
The Kanye West of mics: Easy to get into, but a little weird
Razer BlackWidow V4 75%
Solid and compact, with hot-swappable switches
Razer Wolverine V3 Pro
Razer's pro controller is even better than Microsoft's
Acer Predator GM712
2008 called, it wants its projector back
AndaSeat Kaiser 4 XL
A chair as big and as comfortable as they come
Gigabyte F027Q2
Speed is of the essence with this OLED screen
Acer Nitro 14
AMD puts on a good show, but it still lacks punch