Cloudflare’s new DNS service. Why would I change to Cloudflare’s?

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
April 23, 2018

Are you looking for a free way to speed up your internet and gain some extra privacy in the process? Keep reading, because Cloudflare (the Web Performance & Security Company) is offering a free new DNS service. And it helped me improve the speed of my DNS lookups.

What is DNS?
DNS is short for Domain Name System. It is an internet protocol that allows user systems to use domain names/URLs to identify a web server rather than inputting the actual IP address of the server. For example, the IP address for Malwarebytes.com is 104.72.35.176, but rather than typing that into your browser, you just type ‘malwarebytes.com,’ and your system reaches out to a ‘DNS Server’ which has a list of all domain names and their corresponding IP address, delivering that upon request to the user system.

Which DNS servers am I using now?

If you have to ask yourself that question, there’s a big chance that you are using the DNS service provided by your internet provider. And while some of those are quite good, others are deplorable. Those that have looked into changing their DNS servers have probably ended up using Google’s public DNS, or if they were also interested in a web filter, they might have ended up using Cisco’s OpenDNS. IMHO those are the two most popular alternatives for the ones provided by ISPs around the globe, but many more are available.

Why would I change to Cloudflare’s?

We are not saying you should, but their claims sound very promising. Even if the differences in speed and privacy are not directly noticeable, you may be convinced by these arguments:


  • Cloudflare’s service is 5 times faster than the average ISP’s (8 milliseconds compared to 70).
  • ISPs do not always use strong encryption on their DNS or support DNSSEC, which makes their DNS queries vulnerable to data breaches and exposes users to threats like man-in-the-middle attacks.
  • Many companies collect data from their DNS customers to use for commercial purposes. Cloudflare promises not to mine any user data. Logs are kept for 24 hours for debugging purposes, then they are purged.
  • Query name minimization diminishes privacy leakage by only sending minimal query names to authoritative DNS servers.

That last one may need some explanation. The less information the DNS servers send to each other to resolve your DNS query, the smaller is the amount of data that would be revealed in case of a leak or breach. This is why servers that use this method only send each other the minimum of information that the receiving server needs.
 

Marko :)

Level 20
Verified
Top Poster
Well-known
Aug 12, 2015
954
I just use my ISP DNS whenever I'm not connected to my VPN. I have no idea what they do with the data though, but it's fast! : )

I assume they abuse it.
Usually DNS servers of your ISP are the fastest ones, but that doesn't mean they're better. I have 1 ms response time to DNS servers of my ISP and I changed them on every device, because;
  1. I don't know how safe they are
  2. I don't know what's collected and if they look at it
  3. They are not backed by anycast and when they fail, I lose internet access (happened two times, two years ago)
Until few days ago, I used Google Public DNS and now I'm using 1.1.1.1. I can notice some speed difference when loading websites.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top