Firefox DNSSEC feature (DNS over HTTPS)

Firefox seems to work now together with Cloudflare, in order to get your data. What Mozilla calls 'DNS over HTTPS' is simply another term for DNSSEC which signs the queries so that an attacker can't see which domain you're visiting, on paper this sounds good. Firefox nightly and network.trr.mod about:config It's unclear if the new entry gets... Continue Reading →

Cloudflare starts it’s own DNS

Cloudflare is well-known and they started their own DNS resolver which is available under to compete against Google or QuadDNS (and no, it's not an April joke). Lots of promises but like others - no real blocking Before you switch because the picture above shows that the resolver is faster than e.g. Google's DNS... Continue Reading →

personalDNSfilter is a DNS filter proxy for Android to block advertisements

t-ryder posted on XDA his new created DNS filter application which is written in Java, theoretically it can work on other operating systems but the main target seems to be Android. It's original written by Zenz Solution. The DNS filter proxy quickly allows you to block advertisements on an easy way.  You can help this... Continue Reading →

DNS Stubby in his current status

Stubby is yet another young project which want to compete against the known ones e.g. Unbound. What is Stubby? DNS Stubby encrypts DNS queries by using DNS-over-TLS as standardised in the IETF DPRIVE working group. This work focusses on encryption of DNS traffic between the end-point (end-user) and the resolver. DNSCrypt achieves similar encryption of... Continue Reading →

Which DNS Provider blocks the most?

A lot of people choosing a DNS provider to block malware or to bypass ISP DNS server-side restrictions but when it comes to blocking there is almost no documentation what exactly has been blocked. To answer this simple question, CryptoAUSTRALIA has now compared the threat-blocking performance of ten popular DNS providers. Suprisingly Norton ConnectSafe, SafeDNS and... Continue Reading →

DNSCrypt explained – it won’t replace a VPN!

DNSCrypt is a protocol for securing a single hop during a DNS lookup. It allows you to authenticate that the packet you received from the DNS server you connected to is the one that it sent, and also encrypts it over that single hop.  Sadly there several people spreading false facts about DNSCrypt. Please note that... Continue Reading →

DNS over TLS – All the things you need to know

DNS over TLS is a protocol where DNS queries will be encrypted to the same level as HTTPS. This means the provider can’t actually log or see the websites you visit. Is it really better? We will find it out - hang on! Here is an example how it looks like. //Example DNS data returned via... Continue Reading →

IBM’s Quad9 – A closer look

DNS together with FTP and some other protocols are the ones which I consider as dangerous, cause they were never be designed to secure anything especially not attacks against MITM or spoofing in general. IBM promise us with his new service and over 200 servers around the world to protect us against security threats -... Continue Reading →

Blog at

Up ↑

%d bloggers like this: