Cloudflare Launches 1.1.1.1 Consumer DNS Service With a Focus On Privacy (betanews.com)

← Back to Stories (view on slashdot.org)

Cloudflare Launches 1.1.1.1 Consumer DNS Service With a Focus On Privacy (betanews.com)

Posted by msmash on Sunday April 1, 2018 @05:00AM from the how-about-that dept.

BrianFagioli writes: Today, Cloudflare announces a new consumer DNS service with a focus on privacy. Called '1.1.1.1.' it quite literally uses that easy-to-remeber IP address as the primary DNS server. Why announce on April Fool's Day? Because the IP is four ones and today's date is 4/1 -- clever. The secondary server is 1.0.0.1 -- also easy to remember.

The big question is why? With solid offerings from Google and Comodo, for instance, does the world need another DNS service? The answer is yes, because Cloudflare intends to focus on both speed, and more importantly, privacy.

9 of 225 comments (clear)

Min score:

Reason:

Sort:

This DNS stops ISPs from knowing sites you visit? by JoeyRox · 2018-04-01 05:27 · Score: 4, Informative

From the article:

"What many Internet users don't realize is that even if you're visiting a website that is encrypted -- has the little green lock in your browser -- that doesn't keep your DNS resolver from knowing the identity of all the sites you visit. That means, by default, your ISP, every wifi network you've connected to, and your mobile network provider have a list of every site you've visited while using them," says Cloudflare.

How does this stop ISPs from knowing which sites you visit? Once Cloudfare's DNS serves up the IP address (instead of your ISP's DNS), you still need to send/receive traffic from that IP address, which the ISP can easily monitor. The only way to prevent this is to use a VPN, while making sure to use your VPN's DNS as well.
Re: Too bad Cisco uses this for a virtual IP in so by Tim+the+Gecko · 2018-04-01 05:48 · Score: 5, Informative

I think you're confusing it with 10.x.x.x.
I don't think they are. For example: https://supportforums.cisco.co...
Pretty fast by TFlan91 · 2018-04-01 05:50 · Score: 5, Informative

Just ran a benchmark of the service, here are my results:
Final benchmark results, sorted by nameserver performance: (average cached name retrieval speed, fastest to slowest)
1. 0. 0. 1 | Min | Avg | Max |Std.Dev|Reliab%| - Cached Name | 0.020 | 0.023 | 0.029 | 0.002 | 98.0 | - Uncached Name | 0.022 | 0.090 | 0.287 | 0.075 | 100.0 | - DotCom Lookup | 0.049 | 0.055 | 0.066 | 0.003 | 100.0 | 1dot1dot1dot1.cloudflare-dns.com CLOUDFLARENET - Cloudflare, Inc., US
1. 1. 1. 1 | Min | Avg | Max |Std.Dev|Reliab%| - Cached Name | 0.021 | 0.023 | 0.030 | 0.002 | 95.9 | - Uncached Name | 0.022 | 0.096 | 0.325 | 0.082 | 100.0 | - DotCom Lookup | 0.048 | 0.073 | 0.166 | 0.043 | 100.0 | 1dot1dot1dot1.cloudflare-dns.com MEGAPATH2-US - MegaPath Networks Inc., US
8. 8. 4. 4 | Min | Avg | Max |Std.Dev|Reliab%| + Cached Name | 0.048 | 0.052 | 0.057 | 0.002 | 100.0 | + Uncached Name | 0.060 | 0.104 | 0.344 | 0.073 | 100.0 | + DotCom Lookup | 0.063 | 0.070 | 0.158 | 0.014 | 100.0 | google-public-dns-b.google.com GOOGLE - Google LLC, US
8. 8. 8. 8 | Min | Avg | Max |Std.Dev|Reliab%| + Cached Name | 0.049 | 0.053 | 0.060 | 0.002 | 98.0 | + Uncached Name | 0.057 | 0.106 | 0.367 | 0.077 | 100.0 | + DotCom Lookup | 0.063 | 0.073 | 0.156 | 0.020 | 100.0 | google-public-dns-a.google.com GOOGLE - Google LLC, US
Re:How much for low numbered IPs? by Megane · 2018-04-01 05:58 · Score: 4, Informative

A zero host address in the local subnet in IPv4 means a reference to the local network. No matter your subnet length, 1.0.0.0 will always have a zero host address. 0/8 is reserved for "Local Identification". So 1.0.0.1 is the lowest valid IPv4 address.
So now we have DNS servers on 1.1.1.1, 4.4.4.4, and 8.8.8.8. Who has 2.2.2.2 and can they put a DNS server on it?

--
#naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
Re:Why trust CF? by cascadingstylesheet · 2018-04-01 06:12 · Score: 4, Informative

And, no IPv6 endpoint seems like a big missing component when "competitors" have it.
it doesn't?
Re: Too bad Cisco uses this for a virtual IP in by nasch · 2018-04-01 06:16 · Score: 4, Informative

Did you try the alternate 1.0.0.1?
Other easy to remember public DNS Servers by Xenolith0 · 2018-04-01 06:43 · Score: 4, Informative
Other easy to remember public DNS Servers
- Google (Unfiltered)
  - 8.8.4.4
  - 8.8.8.8
- Global Cyber Alliance (Filters malicious content)
  - 9.9.9.9
- Cloudflare
  - 1.0.0.1
  - 1.1.1.1
- Level 3 Communications
  - 4.2.2.1
  - 4.2.2.2
  - 4.2.2.3
  - 4.2.2.4
  - 4.2.2.5
  - 4.2.2.6
Re:How much for low numbered IPs? by sims+2 · 2018-04-01 07:57 · Score: 4, Informative

1.1.1.1 valid cloudflare
2.2.2.2 invalid owned by Orange S.A. according to RIPE
3.3.3.3 invalid owned by Amazon
4.4.4.4 invalid owned by Level 3 Communications, Inc
5.5.5.5 invaild owned by TelefÃnica Germany
6.6.6.6 invalid owned by Headquarters, USAISC
7.7.7.7 invalid owned by DoD Network Information Center
8.8.8.8 valid google
9.9.9.9 valid quad9

--
Minimum threshold fixed. Thanks!
Re:Does not compute by pots · 2018-04-01 09:37 · Score: 4, Informative

Courts can't compel Cloudflare to collect information, they can only compel them to turn over the information which they already have. Cloudflare says:

While we need some logging to prevent abuse and debug issues, we couldn't imagine any situation where we'd need that information longer than 24 hours. And we wanted to put our money where our mouth was, so we committed to retaining KPMG, the well-respected auditing firm, to audit our code and practices annually and publish a public report confirming we're doing what we said we would.
In the end you're still probably better off using the DNS that your VPN provides, but this seems like a good alternative to 8.8.8.8.