Every connection that your devices make starts out as some kind of DNS request
This request goes to the DNS resolver, which is usually managed by some collective service. The resolver translates your device’s request and gives it the resulting answer.
The Domain Name System (DNS) is the phonebook of the Internet.
since DNS is an integral part of most Internet requests, it can be a prime target for attacks.
By accesing your DNS anybody can find out pretty much all your online activities in your computer.
One thing nobody really knows is the fact that you can choose the DNS you’re using, otherwise by default you are using the one provide by your operative system, most likely google…
So how this works?
1. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.
2. You type any website address on your browser, for example: prvcy.world.(the domain) into your browser’s address bar, the DNS resolver translates this domain to the IP address that points to the prvcy.world website.
3. This trigger a request on your DNS in plain text to find out where prvcy.world is;
4. This plain text generate by your DNS is uncrypted and then the server will respond with another plain text with the address and also will collect your device IP Address.
5. This plain text is saved in the server along with all the other searches you did, are doing, and will do with your specific device.
The mainstream DNS servers are from Google and CloudFlare used by firefox, probably right now you’re using one of those and this information is collected by the Internet Service Provider (ISP).
When you use a DNS encrypted the information collected in the plain text is private, meaning that Ths ISP cannot storage your IP address and your browser history.
So in only one search in your browser you’re disclosing your digital ID with:
1. Your DNS provider
2. The browser provider
3.The website you are visiting
4. and your internet service provider.
Normally the data sent to DNS resolvers typically includes:
• Top-level domain (TLD) requested. This includes links you click/domains typed into address bar/background connections initiated by devices and services
• Visited pages within the TLD – this applies only to the HTTP protocol and is one of the main reasons you should always force HTTPS connections where possible!
• Timestamp request was made
• Public IP address of your device – be careful of private IP leaks within a browser.
Also, your internet services provider (ISP) knows:
Your full name
Your current address
Connection with other devices
This is why browsing over private browsers matters, because Google and Firefox can collected the information related to your search and device and sell it or using for manipulation purposes.
Today, nearly all DNS queries are sent unencrypted, which makes them vulnerable to eavesdropping by an attacker that has access to the network channel, reducing the privacy of the querier.
Examples of attacks by DNS:
Servers vulnerable to a broad spectrum of attacks, including spoofing, amplification, DoS (Denial of Service), or the interception of private personal information.
Spoofing is when a middle man intercept your request and send you to another domain to steal something from you.
Denial of service is common among countries that control and censor the access to certain websites, this means intercepting your request and blocking a response from the server.
Do not trust a DNS provider under any circumstances, because they will store the data somewhere on the same principle, especially if the DNS providers are big tech companies like:
Google Public DNS (of course)
Open DNS from Cisco
Use a VPN or the TOR Network
The Request is already encrypted the first step and anonymous since is coming only from the exit node of TOR or your VPN.
Use prvcy focus browser
We recommend Metager and Bromite. They do not collect your unencrypted request in plain text in order to sell it and use it against you.
Choose a PRVCY focus router
Instead of having a unique DNS address, your router will create a unique DNS address every time you connect to the internet.
As I explain in the Connect course for your router, a PRVCY router will anonymize you by always changing the DNS.
When you connect to the internet, your router will change the DNS number before it sends the request to visit a site etc.