Quad9 DNS Malicious Domain Blocking Service
-
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
@stuartjordan said in Quad9 DNS Malicious Domain Blocking Service:
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
@coliver said in Quad9 DNS Malicious Domain Blocking Service:
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
as none of us are doing anything illegal.
When has that ever mattered?
Do you care that you're being recorded when you walk into a bank? A grocery store? At street intersections? No. Why? Because you aren't doing anything illegal.
But you care about this, even though you have nothing to hide regarding your browsing habits?
Explain to me...
I feel very strongly for right to privacy, the argument of legality of whatever a person does is irrelevant.
Quad9 says they don't store IPs, personal data, etc...
Does Quad9 collect and store personal data?
Quad9 infrastructure does not store any personal data about its users. Please read our complete Data Policy here as there are exceptions for harmful attacks against our infrastructure.
Return to Top
How does Quad9 ensure my privacy?When an entity or an individual is using the Quad9 infrastructure, their IP address is not logged in our system. We, however, log the geo-location of the system (city, state, country) and use this information for malicious campaign and actor analysis, as well as a component of the data we provide our threat intelligence partners.
Return to Top
What does Quad9 log/store about the DNS queries?We store details of the DNS records queried, timestamp, and the city, state, and country from where the query came. We do not store source IP information of end user queries.
Return to Top
Does Quad9 share the DNS data that is generated with marketers?Quad9 does not and never will share any of its data with marketers, nor will it use this data for demographic analysis. Our purpose is fighting cyber crime on the Internet and to enable individuals and entities to be more secure. We do this by increasing visibility into the threat landscape by providing generic telemetry to our security industry partners who contribute data for threat blocking.
The NSA said they weren't spying on Americans.
No one here believes anything the government says. Just as @JaredBusch said, I trust a for profit company because if they are caught doing something wrong, they will pay for it.
-
@jaredbusch said in Quad9 DNS Malicious Domain Blocking Service:
@scottalanmiller said in Quad9 DNS Malicious Domain Blocking Service:
@jaredbusch said in Quad9 DNS Malicious Domain Blocking Service:
While this is a great concept, I do not trust that this:
"Anyone anywhere can use it," said Phil Rettinger, GCA's president and chief operating officer, in an interview with Ars. The service, he says, will be "privacy sensitive," with no logging of the addresses making DNS requests—"we will keep only [rough] geolocation data," he said, for the purposes of tracking the spread of requests associated with particular malicious domains. "We're anonymizing the data, sacrificing on the side of privacy."
will remain true because of this:
The Global Cyber Alliance (GCA)—an organization founded by law enforcement and research organizations to help reduce cyber-crime
Emphasis mine.
I agree. The very people we worry most about both from their tendency to act as criminals, and their general abject disconnect with common sense and security. Not a group of people I'd trust with security decision making.
I fully believe the DNS blocking bits of the service will work as advertised. Because the lists they aggregate from are coming form the 3rd party. It is the not tracking all my DNS queries that I do not believe.
I have zero problem accepting Strongarm.io for this, because they are a for profit company that will cease to be if they do something wrong.
I've been using Strongarm. My internal DNS points to it and my Pi-hole points to the internal DNS. Then all of the clients point to the Pi-hole server.
Strongarm hasn't caught anything yet, but I'll be glad it's there when it does.
-
@stacksofplates said in Quad9 DNS Malicious Domain Blocking Service:
@jaredbusch said in Quad9 DNS Malicious Domain Blocking Service:
@scottalanmiller said in Quad9 DNS Malicious Domain Blocking Service:
@jaredbusch said in Quad9 DNS Malicious Domain Blocking Service:
While this is a great concept, I do not trust that this:
"Anyone anywhere can use it," said Phil Rettinger, GCA's president and chief operating officer, in an interview with Ars. The service, he says, will be "privacy sensitive," with no logging of the addresses making DNS requests—"we will keep only [rough] geolocation data," he said, for the purposes of tracking the spread of requests associated with particular malicious domains. "We're anonymizing the data, sacrificing on the side of privacy."
will remain true because of this:
The Global Cyber Alliance (GCA)—an organization founded by law enforcement and research organizations to help reduce cyber-crime
Emphasis mine.
I agree. The very people we worry most about both from their tendency to act as criminals, and their general abject disconnect with common sense and security. Not a group of people I'd trust with security decision making.
I fully believe the DNS blocking bits of the service will work as advertised. Because the lists they aggregate from are coming form the 3rd party. It is the not tracking all my DNS queries that I do not believe.
I have zero problem accepting Strongarm.io for this, because they are a for profit company that will cease to be if they do something wrong.
I've been using Strongarm. My internal DNS points to it and my Pi-hole points to the internal DNS. Then all of the clients point to the Pi-hole server.
Strongarm hasn't caught anything yet, but I'll be glad it's there when it does.
Yeah, that is what I have right now.
-
This is declared as something built by law enforcement. We can be sure they are wording thing in their best interest.
For example all traffic flowing to them could run through spactrum, therefore being recorded, yet the solution itself is not involved.
-
@dashrender said in Quad9 DNS Malicious Domain Blocking Service:
This is declared as something built by law enforcement. We can be sure they are wording thing in their best interest.
For example all traffic flowing to them could run through spactrum, therefore being recorded, yet the solution itself is not involved.
Well so far the benefits of me using Quad9 at home outweigh the fact that the GCA was involved in building it. I really don't care about that, until I'm given a real reason that I am not aware of or don't see.
Right now I'm using the default... Time Warner... so I'd rather use Quad9 over that any day.
-
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
@dashrender said in Quad9 DNS Malicious Domain Blocking Service:
This is declared as something built by law enforcement. We can be sure they are wording thing in their best interest.
For example all traffic flowing to them could run through spactrum, therefore being recorded, yet the solution itself is not involved.
Well so far the benefits of me using Quad9 at home outweigh the fact that the GCA was involved in building it. I really don't care about that, until I'm given a real reason that I am not aware of or don't see.
Right now I'm using the default... Time Warner... so I'd rather use Quad9 over that any day.
Why not just use google’s?
8.8.8.8 and 8.8.4.4This is what I’ve been using for years.
-
As for your question do I mind being recorded in those place the bank etc, hell yeah I do!
But I have no choice in the matter.
But for DNS I do have a choice, at least at home and at least for now. So I’ll do my best to keep my information out of the hands of those who will do nothing more than find ways to screw me with it.
-
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
@coliver said in Quad9 DNS Malicious Domain Blocking Service:
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
as none of us are doing anything illegal.
When has that ever mattered?
Do you care that you're being recorded when you walk into a bank? A grocery store? At street intersections? No. Why? Because you aren't doing anything illegal.
You're out in public in all those places, and the right to privacy doesn't apply. Even the right to privacy is only protection from the federal government and no other entity.
As for not doing anything illegal, the average citizen commits 3 felonies a day. Just because the entirety of the law is not enforced all the time, doesn't mean it's no longer a law.
But you care about this, even though you have nothing to hide regarding your browsing habits?
Explain to me...
Only, as I just said, we're all felons. It's just a matter of weather the government wants to take the time to prove it.
-
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
@coliver said in Quad9 DNS Malicious Domain Blocking Service:
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
as none of us are doing anything illegal.
When has that ever mattered?
Do you care that you're being recorded when you walk into a bank? A grocery store? At street intersections? No. Why? Because you aren't doing anything illegal.
You're out in public in all those places, and the right to privacy doesn't apply. Even the right to privacy is only protection from the federal government and no other entity.
As for not doing anything illegal, the average citizen commits 3 felonies a day. Just because the entirety of the law is not enforced all the time, doesn't mean it's no longer a law.
But you care about this, even though you have nothing to hide regarding your browsing habits?
Explain to me...
Only, as I just said, we're all felons. It's just a matter of weather the government wants to take the time to prove it.
So what three felonies do you commit daily on the internet, that they could record via your name to IP resolution... in which you want private?
-
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
@coliver said in Quad9 DNS Malicious Domain Blocking Service:
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
as none of us are doing anything illegal.
When has that ever mattered?
Do you care that you're being recorded when you walk into a bank? A grocery store? At street intersections? No. Why? Because you aren't doing anything illegal.
You're out in public in all those places, and the right to privacy doesn't apply. Even the right to privacy is only protection from the federal government and no other entity.
As for not doing anything illegal, the average citizen commits 3 felonies a day. Just because the entirety of the law is not enforced all the time, doesn't mean it's no longer a law.
But you care about this, even though you have nothing to hide regarding your browsing habits?
Explain to me...
Only, as I just said, we're all felons. It's just a matter of weather the government wants to take the time to prove it.
So what three felonies do you commit daily on the internet, that they could record via your name to IP resolution... in which you want private?
Nobody knows, which is a different issue all together.
Violating a websites TOS is a felony, and many websites TOS say you're not allowed to use an add blocker on their web site. Do you think there is anywhere here that does not use an add blocker of some sort?
-
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
@coliver said in Quad9 DNS Malicious Domain Blocking Service:
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
as none of us are doing anything illegal.
When has that ever mattered?
Do you care that you're being recorded when you walk into a bank? A grocery store? At street intersections? No. Why? Because you aren't doing anything illegal.
You're out in public in all those places, and the right to privacy doesn't apply. Even the right to privacy is only protection from the federal government and no other entity.
As for not doing anything illegal, the average citizen commits 3 felonies a day. Just because the entirety of the law is not enforced all the time, doesn't mean it's no longer a law.
But you care about this, even though you have nothing to hide regarding your browsing habits?
Explain to me...
Only, as I just said, we're all felons. It's just a matter of weather the government wants to take the time to prove it.
So what three felonies do you commit daily on the internet, that they could record via your name to IP resolution... in which you want private?
Nobody knows, which is a different issue all together.
Violating a websites TOS is a felony, and many websites TOS say you're not allowed to use an add blocker on their web site. Do you think there is anywhere here that does not use an add blocker of some sort?
This is all besides the point. Moving on...
So some kind of "law enforcement" backed or founded entity who says they don't log any PII or anything like that, lies and actually does in some way, either directly or indirectly.... I get the principle of the matter, yeah my right to privacy... blah blah. But what does it actually matter? Everything you do is recorded, financial transactions, internet activity, google searches, web server logs, credit cards, location, etc... when has any of it actually mattered for those who are not criminals? (and feel free to leave out anomalies, those don't count)
-
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
Violating a websites TOS is a felony...
Definitely not a felony. At most it is a civil suit.
-
@tim_g said in Quad9 DNS Malicious Domain Blocking Service:
when has any of it actually mattered for those who are not criminals?
And for those who are criminals... good, I'm glad it was recorded to help put them away!
-
@quixoticjustin said in Quad9 DNS Malicious Domain Blocking Service:
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
Violating a websites TOS is a felony...
Definitely not a felony. At most it is a civil suit.
If you really think you do nothing wrong according to the police/feds, feel free to use this new service.
-
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
@quixoticjustin said in Quad9 DNS Malicious Domain Blocking Service:
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
Violating a websites TOS is a felony...
Definitely not a felony. At most it is a civil suit.
If you really think you do nothing wrong according to the police/feds, feel free to use this new service.
How does that relate? That's a totally different thing. That's violating his ISP, not a web site.
-
@scottalanmiller said in Quad9 DNS Malicious Domain Blocking Service:
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
@quixoticjustin said in Quad9 DNS Malicious Domain Blocking Service:
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
Violating a websites TOS is a felony...
Definitely not a felony. At most it is a civil suit.
If you really think you do nothing wrong according to the police/feds, feel free to use this new service.
How does that relate? That's a totally different thing. That's violating his ISP, not a web site.
Well shoot, that's not how I remember the reporting on the story.
-
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
@scottalanmiller said in Quad9 DNS Malicious Domain Blocking Service:
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
@quixoticjustin said in Quad9 DNS Malicious Domain Blocking Service:
@travisdh1 said in Quad9 DNS Malicious Domain Blocking Service:
Violating a websites TOS is a felony...
Definitely not a felony. At most it is a civil suit.
If you really think you do nothing wrong according to the police/feds, feel free to use this new service.
How does that relate? That's a totally different thing. That's violating his ISP, not a web site.
Well shoot, that's not how I remember the reporting on the story.
It matters a bit. Consumers using public web sites are generally pretty safe. You still need to follow the TOS, but the ability to prosecute is minimal.
-
Got Damn.... this whole thread needs to realize that the police are always out to get anything they can on anyone, anytime. Don't play into their game. Don't feed the beast.
Listen to and absorb the message that KRS-One is laid out in 1993. More true now than ever.
-
@rojoloco said in Quad9 DNS Malicious Domain Blocking Service:
Got Damn.... this whole thread needs to realize that the police are always out to get anything they can on anyone, anytime. Don't play into their game. Don't feed the beast.
That is why I turn my phone off whenever I get pulled over so it requires a password to unlock instead of my fingerprint. No need to give them any information that is not required by law.
-
@brianlittlejohn said in Quad9 DNS Malicious Domain Blocking Service:
@rojoloco said in Quad9 DNS Malicious Domain Blocking Service:
Got Damn.... this whole thread needs to realize that the police are always out to get anything they can on anyone, anytime. Don't play into their game. Don't feed the beast.
That is why I turn my phone off whenever I get pulled over so it requires a password to unlock instead of my fingerprint. No need to give them any information that is not required by law.
Someone else is as familiar with that law as myself I see...