Most people never think about DNS (domain name system). Nor should they; it’s one of those running-in-the-background online services. It does one job, and does it well.
Because of how DNS works, everyone online must use a set of DNS addresses – numbers similar to an IP address. Normally your ISP or IT department will assign DNS addresses automatically. Unfortunately, sometimes they don’t use secure DNS.
The good news is that YOU can.
How does changing your computer's DNS protect your privacy?
Every device connected to the Internet uses DNS to get around. This creates the potential for snooping—if a cybercriminal finds your DNS, they can track where you go online.
Securing your own DNS conveys one major advantage: you’re essentially “blurring out” one big identifier of your computer/network on the Web.
Our Secure DNS Recommendations
If you use a (professional-grade, non-spying) VPN, securing your DNS may not be necessary. If you aren't using a VPN, we recommend:
- OpenDNS (with DNSCrypt), or
- A private DNS server. Sometimes your ISP will have these available. If not, you can contract a third party for DNS. (We do have secure DNS servers in our datacenter, available to customers.)
We do not recommend using Google's public DNS numbers. They’re secure (similar to OpenDNS), but Google does track some of your data when you use it: https://developers.google.com/speed/public-dns/privacy.
You can do more to keep your online life private, but it's very complex, sometimes even experimental. If you’re taking advantage of:
These solutions make you 99% invisible to most cybercriminals, even if they use secure DNS too.
In the next Tech Tip we’ll talk about a bonus to online privacy: secure cloud storage. Using free services like Dropbox is handy and fast—but your files are open to theft. Next time we’ll share some services that keep prying eyes away.
Got a tech question you need answered? Please email us at firstname.lastname@example.org and we may make it our next Tech Tip.