Serious Discussion DNS Providers for Home Users – Still Cloudflare/Quad9, or Did NextDNS/Control D Finally Win?

What DNS provider(s) do you force on your home network / PC?

  • Cloudflare 1.1.1.1 (or 1.1.1.2/3) – speed king

  • Quad9 – best free malware/phishing blocking

  • Google 8.8.8.8 – I don’t care, just works

  • NextDNS – worth the config time and (sometimes) the $20/year

  • Control D – NextDNS but better UI and free tier actually good

  • AdGuard DNS – most aggressive ad/tracker blocking for free

  • Mullvad DNS / DNSCrypt – paranoid zero-log gang

  • My ISP’s DNS – yes I’m that guy

  • Self-hosted (Pi-hole, AdGuard Home, Technitium, etc.)

  • Mix – different DNS per device/profile


And that is a terrible idea. Even if you live in a country where ISPs don't track user activity or censor the internet.

DNS servers from all ISPs throughout the world are simply the worst choice. They aren't backed by anycast which means once it goes down, you "lose" internet connection until they fix it; they usually do not support basic security standards like DNSSEC and do not protect you from third parties intercepting/modifying DNS queries. Not to mention, they are really slow in DNS resolution.

Even if you don't care about your ISP seeing what websites you visit, you should use at least some kind of public non-filtering DNS like 1.1.1.1, and preferably DoH. DNSSEC protects you so websites can't manipulate DNS records, it speeds up browsing the web and even if DNS servers from your ISP fail, you still have normal internet access.
This isn't always the case. My ISP DNS is actually faster than anything else out there (from testing), purely down to how they're set up.

I've also been with them 25+ years and never had a DNS outage
 
This isn't always the case. My ISP DNS is actually faster than anything else out there (from testing), purely down to how they're set up.

I've also been with them 25+ years and never had a DNS outage
You mean, you always have the best ping towards your ISP DNS servers? How about DNS resolution time? Test that.
 
Guys, a fair part of the itchy posts and discussion is because someone tries to convince someone else that his solution is best, while the other one (disagreeing with it) thinks his solution is best!

Let it be :) agree to disagree

peace 🙏
 
Guys, a fair part of the itchy posts and discussion is because someone tries to convince someone else that his solution is best, while the other one (disagreeing with it) thinks his solution is best!

Let it be :) agree to disagree

peace 🙏
I have itch to AI-content only; any "mankind" discussion is more than welcome.

You will try to prove your point, I will try the same, no one will follow the other pov, no offensive words, I will like you, and love Bill.
 
I can.

Cloudflare's 1.1.1.1 is privacy-friendly and was audited multiple times. Zero Trust also lets you set logging as you want. Quad9 is privacy-friendly too.

Yes, SmartScreen sends more metadata. However, when DNS providers use advanced features, they also use more metadata. Even if this metadata is sent encrypted, the providers have full access to the decrypted data. They can store and sell it to other parties.

The worst offender is SmartScreen which collects full URLs and hardware ID. It used to tie the collected information to Microsoft account, but stopped when they were called out publicly about that.

I put far more trust in Microsoft than in other companies. Microsoft already collects large telemetry about Windows users. I prefer to minimize the number of such data collectors.
 
Using 10 confirmed phishing websites (so not the last 10 of PhishTank but the last 10 confirmed), Cloudflare scores (in my setup) 10 out of 10 (with Google Safe Browsing disabled). For reference, Google Safe Browsing scored 7 out of 10 (using ISP=Ziggo DNS).

Cloudflare Zero Trust can be configured for strong protection similar to some well-known DNS providers. However, the free Cloudflare WARP is much weaker (7 out of 10 in my quick test).
 
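Two measurements come up in this thread: "test the DNS resolution time, not the ping" and "how many confirmed phishing domains does a resolver block". The added example below (not code from any poster) measures both with raw UDP DNS queries over the standard library only; the resolver list, the "isp" placeholder 192.168.1.1 and the constructed packets are assumptions, and the verdicts assume filtering resolvers answer NXDOMAIN or a sinkhole address such as 0.0.0.0, which is the common behaviour rather than a guarantee.

```python
import socket, struct, time

RESOLVERS = {"cloudflare": "1.1.1.1", "quad9": "9.9.9.9", "isp": "192.168.1.1"}  # "isp" is a constructed placeholder

def build_query(name, txid=0x1234):
    """Minimal recursive (RD=1) DNS A query in wire format."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN
def _skip_name(data, off):  # advance past a wire-format name, honouring 0xC0 compression pointers
    while True:
        length = data[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:
            return off + 2  # a pointer is 2 bytes and terminates the name
        off += 1 + length
def parse_response(data):
    """Return (rcode, [A-record IPs]) from a DNS response."""
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", data[:12])
    off = 12
    for _ in range(qd):
        off = _skip_name(data, off) + 4  # skip QTYPE/QCLASS
    ips = []
    for _ in range(an):
        off = _skip_name(data, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", data[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            ips.append(".".join(str(b) for b in data[off:off + 4]))
        off += rdlen
    return flags & 0x000F, ips
def classify(rcode, ips):
    """Filtering resolvers usually answer NXDOMAIN or a sinkhole address such as 0.0.0.0 (assumption)."""
    if rcode == 3:
        return "blocked (NXDOMAIN)"
    if ips and all(ip in ("0.0.0.0", "127.0.0.1") for ip in ips):
        return "blocked (sinkhole)"
    return "resolved" if rcode == 0 and ips else f"other (rcode={rcode})"
def time_lookup(server, name, timeout=2.0):
    """One UDP query; returns (milliseconds, verdict), or None on timeout or mismatched transaction ID."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        start = time.perf_counter()
        try:
            sock.sendto(query, (server, 53))
            data, _ = sock.recvfrom(512)
        except socket.timeout:
            return None
    elapsed_ms = round((time.perf_counter() - start) * 1000, 1)
    if data[:2] != query[:2]:  # reject replies whose ID does not match our query
        return None
    return elapsed_ms, classify(*parse_response(data))
def compare(name="example.com"):  # resolution time and filtering verdict per resolver; None = timed out
    return {label: time_lookup(ip, name) for label, ip in RESOLVERS.items()}
```

Run compare() once with an ordinary domain for the timing and once per test domain for the blocking score; repeat each lookup a few times, since the first query is a cache miss on the resolver.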
Yes, SmartScreen sends more metadata. However, when DNS providers use advanced features, they also use more metadata. Even if this metadata is sent encrypted, the providers have full access to the decrypted data. They can store and sell it to other parties.
You do realize that if that was the case, Cloudflare would fail all the audits?
 
You do realize that if that was the case, Cloudflare would fail all the audits?

Cloudflare has a generally strong reputation for performance and security. However, some concerns remained over content moderation and privacy.
The most privacy-oriented is a free public DNS resolver (1.1.1.1), which does not retain user-identifiable data in the long term (one-day retention).
Cloudflare WARP+ is another problem.

There were some known privacy-related incidents, like the “Cloudbleed” bug in 2017 and the questionable reaction to this bug.
Although the chances of misuse of the private users' data by Cloudflare are small, there is a much stronger possibility of leaking data via bugs or exploits.
 
@Marko :),

The privacy concern about SmartScreen is interesting. Is your main concern about the possibility of misusing data by Microsoft or other parties?
It is worth noting that SmartScreen data is generally tied to a device, not to a personal Microsoft account.

Main privacy concerns:
  1. Microsoft retains reputation data to refine its blocklists and reputation databases (no long-term retention and profiling). However, this is only the Microsoft statement (no external audits).
  2. The adversary with control of the device’s certificate store can impersonate SmartScreen’s servers or decrypt the traffic to see the URLs and file paths.
 
I have a question for @Bot:
What are the practical chances of misusing the SmartScreen metadata by Microsoft, the government, or third parties?
 
I have a question for @Bot:
What are the practical chances of misusing the SmartScreen metadata by Microsoft, the government, or third parties?
As an AI, I can’t give a precise “probability” (Microsoft doesn’t publish that, and independent audits of SmartScreen telemetry handling are limited). But I can give a practical, threat-model-based answer: for most home users, the realistic risk is low for intentional abuse, and higher (though still not “likely”) for incidental exposure via bugs, compromise, or lawful access.

1) Microsoft misusing SmartScreen metadata (intentional abuse)
In practical terms, this is usually the lowest-risk scenario.

  • Microsoft has strong incentives to use SmartScreen telemetry for reputation/security (blocklists, prevalence, false-positive reduction) rather than for targeted surveillance, because a scandal here would be extremely costly.
  • Access controls, logging, internal compliance, and the “big-company spotlight” reduce the likelihood of random employee misuse at scale (not zero, but typically low).
  • That said, “low risk” is not “impossible,” and users ultimately have to decide how much they trust Microsoft as a data processor.

Practical take: For a typical user, deliberate misuse by Microsoft is generally not the most realistic concern compared with other threats.

2) Government access (lawful requests / compelled disclosure)
This risk depends heavily on jurisdiction and whether you’re talking about broad collection vs targeted investigation.

  • For mass surveillance: SmartScreen telemetry is not usually discussed as a primary “bulk collection” channel, and bulk use would be politically/legally sensitive.
  • For targeted cases: if a person/device is already of interest, many data sources are used (ISP records, cloud accounts, endpoint compromise, warrants served to vendors, etc.). SmartScreen-related data could become relevant if it is retained and linkable (directly or indirectly) to a device/account/IP/time window.

Practical take: For most people not in a high-risk category, the chance of government ever caring about their SmartScreen lookups is very low. For a targeted individual, it becomes more plausible—though SmartScreen would rarely be the only or easiest source.

3) Third parties (criminals, advertisers, random outsiders)
This is usually the most “practical” category, but it’s less about Microsoft “selling” SmartScreen data and more about compromise/exposure paths.

  • Endpoint compromise: If malware already runs on the machine (especially with admin/SYSTEM), it can often observe browsing activity, intercept traffic locally, tamper with certificate stores, install malicious root CAs, or hook browsers. At that point, SmartScreen privacy is not your main problem—the device is.
  • Man-in-the-middle via local trust: If an attacker controls the device’s certificate trust (installed root CA) or a security product/proxy is intercepting TLS, they can potentially observe destinations that would otherwise be protected in transit.
  • Vendor breach / logging mistakes / bugs: Any large service can have bugs or incidents that expose data. This is usually the more realistic “third-party” risk than “someone snoops SmartScreen traffic on the wire.”

Practical take: The most realistic privacy failure modes come from device compromise and “unexpected data exposure” (bugs/incidents), not from casual network eavesdropping.

What you can do (practical mitigations)
  • If privacy is the priority: reduce Windows diagnostics/telemetry to the lowest level available on your edition, and avoid signing into unnecessary Microsoft services on that machine.
  • If threat model includes local MITM: keep the machine clean and hardened (standard user account for daily work, tamper protection, attack surface reduction where possible), and watch for unknown root certificates.
  • If you want phishing protection with less URL sharing: layer defenses so no single provider sees everything (browser phishing protection + reputable DNS filtering, or local endpoint protection with web filtering), understanding any cloud reputation system involves some metadata sharing.

Bottom line
For an average Windows user, the practical chance of SmartScreen metadata being intentionally “misused” by Microsoft is generally low; the more realistic risks are (a) lawful access in targeted scenarios and (b) exposure via endpoint compromise or service/implementation bugs.
 
Shortly, about SmartScreen/Cloudflare and privacy concerns:
  1. Microsoft could misuse SmartScreen metadata, but it will not. It has far more to lose than to gain.
  2. The adversary could infiltrate SmartScreen metadata, but it would require much effort and a highly compromised device or network. In these scenarios, the adversary can already get more critical private data without infiltrating SmartScreen.
The same is true for trusted DNS providers like Cloudflare. In theory, Cloudflare's public free DNS is more privacy-friendly. However, it would be hard to prove the practical advantage.
Still, there is some possibility of data leak from Microsoft/Cloudflare via exploiting their infrastructure, internal infiltration, and theft.
 
Cloudflare has a generally strong reputation for performance and security. However, some concerns remained over content moderation and privacy.
The most privacy-oriented is a free public DNS resolver (1.1.1.1), which does not retain user-identifiable data in the long term (one-day retention).
Cloudflare WARP+ is another problem.

There were some known privacy-related incidents, like the “Cloudbleed” bug in 2017 and the questionable reaction to this bug.
Although the chances of misuse of the private users' data by Cloudflare are small, there is a much stronger possibility of leaking data via bugs or exploits.
I just changed logging to blocks only and enabled the option to remove sensitive data. In the blockpage it is also possible to hide the details of your cloudflare configuration. The free plan has a (non-changeable) retention period of 24 hours, so I am happy with the privacy features of Cloudflare. Way better than the retention period of most browser protection extensions (e.g. Norton or Avast).
 
Cloudflare has a generally strong reputation for performance and security. However, some concerns remained over content moderation and privacy.
The most privacy-oriented is a free public DNS resolver (1.1.1.1), which does not retain user-identifiable data in the long term (one-day retention).
Cloudflare WARP+ is another problem.

There were some known privacy-related incidents, like the “Cloudbleed” bug in 2017 and the questionable reaction to this bug.
Although the chances of misuse of the private users' data by Cloudflare are small, there is a much stronger possibility of leaking data via bugs or exploits.
1.1.1.1 is among the best DNS servers for privacy and Cloudflare even publishes exactly what data they collect, for how long, and with whom they share it. Care to explain the problems with content moderation and privacy? Why would WARP+ be a problem?

If I recall correctly, Cloudbleed was an issue that was promptly fixed, but the problem was also that the search engines indexed something they shouldn't have. Nonetheless, Cloudflare was very open and transparent about this, which definitely isn't something that you see very commonly today. This is why I trust them as a company.

Imagine just turning a blind eye and shifting blame; Cloudflare would immediately go out of business. This is why they are highly transparent in everything they do. Yes, they messed up, but they acknowledged the error and warned everyone when this was discovered. They can't do much after that.
The privacy concern about SmartScreen is interesting. Is your main concern about the possibility of misusing data by Microsoft or other parties?
It is worth noting that SmartScreen data is generally tied to a device, not to a personal Microsoft account.
Exactly! SmartScreen collects far more data than it needs for functioning. It's worth noting that the data collected isn't encrypted on Microsoft's servers (just encrypted in transit), and is stored in plain text, which is something you simply shouldn't do in 2026.

And yes, the data was tied to user account and after being called out, Microsoft stopped doing this.
Main privacy concerns:
  1. Microsoft retains reputation data to refine its blocklists and reputation databases (no long-term retention and profiling). However, this is only the Microsoft statement (no external audits).
  2. The adversary with control of the device’s certificate store can impersonate SmartScreen’s servers or decrypt the traffic to see the URLs and file paths.
Microsoft is known for not being transparent enough about their privacy practices. Their privacy policy is written very unclearly and doesn't specify what exactly is collected and why, which makes you think they are hiding something.

The best part of the SmartScreen controversy was their collection of user account ID and not mentioning this in their SmartScreen privacy policy. When you combine all of that and how they quietly pushed telemetry into Windows 10 without telling anyone, you start questioning their privacy practices. Nothing is preventing them from collecting full URLs without any identifiers such as user account ID or hardware ID.

And remember: HTTPS/SSL is used for a reason; so third parties can't see what exactly you do on the website and which site you're visiting specifically. SmartScreen technically makes Microsoft a middleman between you and the website, as they have access to full URLs.

Don't even think about what would happen if Microsoft got hacked.
I just changed logging to blocks only and enabled the option to remove sensitive data. In the blockpage it is also possible to hide the details of your cloudflare configuration. The free plan has a (non-changeable) retention period of 24 hours, so I am happy with the privacy features of Cloudflare. Way better than the retention period of most browser protection extensions (e.g. Norton or Avast).
I did the same. The only reason why I kept logging of blocked domains was in case a website is wrongly blocked, no other reason. Cloudflare gives you total control over data you provide them.
The free plan has a (non-changeable) retention period of 24 hours, so I am happy with the privacy features of Cloudflare. Way better than the retention period of most browser protection extensions (e.g. Norton or Avast).
The history of visited logs is saved for 18 months for all plans. It's just that with the free plan, you're limited to seeing only the last 24 hours. If you disable logging completely, nothing gets recorded. Besides, even with all logging, Cloudflare only gets domains, not full URLs like Microsoft.
 
@LinuxFan58,

Does the free plan require personal information and details of your debit card (including CVC)? :unsure:
 
@LinuxFan58,

Does the free plan require personal information and details of your debit card (including CVC)? :unsure:
NO, I am on the free legacy plan.
 
@LinuxFan58,

Does the free plan require personal information and details of your debit card (including CVC)? :unsure:
Zero Trust Free (legacy plan) doesn't require anything; you just need to click on Cancel and exit in the corner, and you'll be taken to your Zero Trust dashboard.
Zero Trust Free (new plan) requires you to enter a valid credit or debit card, but a prepaid card can be used as well; I used one.
 
I installed WARP and configured Zero Trust with Firewall Policies.


I plan to test it with Avast's extension against phishing URLs.
Use OR for mixing different categories and not AND. With AND, to block a website it would need to be in both the Security and Content categories at the same time. With OR, it would be either this or that.

Add category Indicator feeds -> Cloudforce One. This is Cloudflare's threat intelligence filter.
 
Use OR for mixing different categories and not AND. With AND, to block a website it would need to be in both the Security and Content categories at the same time. With OR, it would be either this or that.

Add category Indicator feeds -> Cloudforce One. This is Cloudflare's threat intelligence filter.

Thanks.