mirror of
				https://github.com/privacyguides/privacyguides.org.git
				synced 2025-10-26 01:02:10 +00:00 
			
		
		
		
	DNS: add Nebulo as worth mentioning & warn about DoH metadata & sort worth mentioning/additional information into sublists (#1200)
* DNS: add Nebulo as worth mentioning Resolves: #1187 * source_code: add Nebulo * dns: add metadata warning to DoH * dns: fix typo in Nebulo's description Yes, Nebulo supports DoT and DoT... * dns: update DoH warning text and link * dns: sort mobile encrypted DNS software together * dns: update DoH warning as suggested by @nitrohorse * dns: sort additional information & worth mentioning into sublists * dns: remove extra ul * dns: sort the sublists * dns: add formatting * dns: update wording as requested by @nitrohorse * dns: copy-paste @nitrohorse 's example * source_code: sort DNS apps * dns: swap Namecoin and Stubby due to alphabetical order
This commit is contained in:
		 Mikaela Suomalainen
					Mikaela Suomalainen
				
			
				
					committed by
					
						 nitrohorse
						nitrohorse
					
				
			
			
				
	
			
			
			 nitrohorse
						nitrohorse
					
				
			
						parent
						
							0cde61c986
						
					
				
				
					commit
					ad17fa03ab
				
			| @@ -281,21 +281,42 @@ github="https://github.com/jedisct1/dnscrypt-proxy" | ||||
|  | ||||
|   <ul> | ||||
|     <li>DNS-over-TLS (DoT) - A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls.</li> | ||||
|     <li>DNS-over-HTTPS (DoH) - Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443.</li> | ||||
|     <li>DNS-over-HTTPS (DoH) - Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="DoH contains metadata such as user-agent (which may include system information) that is sent to the DNS server."><a href="https://tools.ietf.org/html/rfc8484#section-8.2"><i class="fas fa-exclamation-triangle"></i></a></span></li> | ||||
|     <li>DNSCrypt - An older yet robust method of encrypting DNS.</li> | ||||
|   </ul> | ||||
|  | ||||
|   <h3>Worth Mentioning and Additional Information</h3> | ||||
|  | ||||
|   <ul> | ||||
|     <li>Firefox comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. <span class="badge badge-warning" data-toggle="tooltip" data-placement="bottom" data-original-title='"Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser."'><a href="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/"><i class="fas fa-exclamation-triangle"></i></a></span> Currently Mozilla is <a href="https://blog.mozilla.org/futurereleases/2019/07/31/dns-over-https-doh-update-detecting-managed-networks-and-user-choice/">conducting studies</a> before enabling DoH by default for all US-based Firefox users.</li> | ||||
|     <li>Android 9 comes with a DoT client by <a href="https://support.google.com/android/answer/9089903">default</a>. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="...but with some caveats"><a href="https://www.quad9.net/private-dns-quad9-android9/"><i class="fas fa-exclamation-triangle"></i></a></span></li> | ||||
|     <li><a href="https://apps.apple.com/app/id1452162351">DNSCloak</a> - An <a href="https://github.com/s-s/dnscloak">open-source</a> DNSCrypt and DoH client for iOS by <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"A charitable non-profit host organization for international Free Software projects."' href="https://techcultivation.org/">the Center for the Cultivation of Technology gemeinnuetzige GmbH</a>.</li> | ||||
|       <li><a href="https://pi-hole.net/">Pi-hole</a> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li> | ||||
|       <li><a href="https://gitlab.com/quidsup/notrack">NoTrack</a> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li> | ||||
|     <li><a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby">Stubby</a> - An open-source application for Linux, macOS, and Windows that acts as a local DNS Privacy stub resolver using DoT.</li> | ||||
|     <li><a href="https://namecoin.info/">Namecoin</a> - A decentralized DNS open-source information registration and transfer system based on the Bitcoin cryptocurrency.</li> | ||||
|     <li><a href="https://www.isc.org/blogs/qname-minimization-and-privacy/">QNAME Minimization and Your Privacy</a> by the Internet Systems Consortium (ISC)</li> | ||||
|     <li><a href="https://www.isc.org/dnssec/">DNSSEC and BIND 9</a> by the ISC</li> | ||||
|     <li><strong>Encrypted DNS clients for desktop:</strong> | ||||
|       <ul> | ||||
|         <li><em>Firefox</em> comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. <span class="badge badge-warning" data-toggle="tooltip" data-placement="bottom" data-original-title='"Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser."'><a href="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/"><i class="fas fa-exclamation-triangle"></i></a></span> Currently Mozilla is <a href="https://blog.mozilla.org/futurereleases/2019/07/31/dns-over-https-doh-update-detecting-managed-networks-and-user-choice/">conducting studies</a> before enabling DoH by default for all US-based Firefox users.</li> | ||||
|       </ul> | ||||
|     </li> | ||||
|     <li><strong>Encrypted DNS clients for mobile:</strong> | ||||
|       <ul> | ||||
|         <li><em>Android 9</em> comes with a DoT client by <a href="https://support.google.com/android/answer/9089903">default</a>. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="...but with some caveats"><a href="https://www.quad9.net/private-dns-quad9-android9/"><i class="fas fa-exclamation-triangle"></i></a></span></li> | ||||
|         <li><em><a href="https://apps.apple.com/app/id1452162351">DNSCloak</a></em> - An <a href="https://github.com/s-s/dnscloak">open-source</a> DNSCrypt and DoH client for iOS by <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"A charitable non-profit host organization for international Free Software projects."' href="https://techcultivation.org/">the Center for the Cultivation of Technology gemeinnuetzige GmbH</a>.</li> | ||||
|         <li><em><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a></em> - An open-source application for Android supporting DoH and DoT. It also supports caching DNS responses and locally logging DNS queries.</li> | ||||
|       </ul> | ||||
|     </li> | ||||
|     <li><strong>Local DNS servers:</strong> | ||||
|       <ul> | ||||
|         <li><em><a href="https://namecoin.info/">Namecoin</a></em> - A decentralized DNS open-source information registration and transfer system based on the Bitcoin cryptocurrency.</li> | ||||
|         <li><em><a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby">Stubby</a></em> - An open-source application for Linux, macOS, and Windows that acts as a local DNS Privacy stub resolver using DoT.</li> | ||||
|       </ul> | ||||
|     </li> | ||||
|     <li><strong>Network wide DNS servers:</strong> | ||||
|       <ul> | ||||
|         <li><em><a href="https://pi-hole.net/">Pi-hole</a></em> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li> | ||||
|         <li><em><a href="https://gitlab.com/quidsup/notrack">NoTrack</a></em> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li> | ||||
|       </ul> | ||||
|     </li> | ||||
|     <li><strong>Further reading:</strong> | ||||
|       <ul> | ||||
|         <li><a href="https://www.isc.org/blogs/qname-minimization-and-privacy/">QNAME Minimization and Your Privacy</a> by the Internet Systems Consortium (ISC)</li> | ||||
|         <li><a href="https://www.isc.org/dnssec/">DNSSEC and BIND 9</a> by the ISC</li> | ||||
|       </ul> | ||||
|     </li> | ||||
|   </ul> | ||||
| </div> | ||||
| </div> | ||||
		Reference in New Issue
	
	Block a user