Advice Request Windscribe ControlID - has anyone used it, if so what do you think of it?

Please provide comments and solutions that are helpful to the author of this topic.
Stopspying

Stopspying

Level 19
Thread author
Verified
Top Poster
Well-known
Jan 21, 2018
801
4,731
1,769
Windscribe have recently launched ControlD - Control Your Internet

"Choose from 15 categories of filters that block ads, malware, adult content, IoT beacons, gambling sites and much more. Our bespoke block lists are extremely effective, but will not hinder your browsing experience due to false positives."

I have a Windscribe account, but it is not the VPN that I use the most. I also have AdGuard and much of what Windscribe is offering here is managed on my machines by that. However I am curious to hear what anyone who has used ControlID thinks of it so far. Do any of you have any views on it yet?

I am particularly interested in how well the feature that bypasses Geo-Blocking works - "Sites block access to content for people in the "wrong" country. ControlD operates a network of proxy servers in over 100 locations that can help you appear to be in the "correct" country and enjoy local content."
ControlID settings.png
 
Last edited by a moderator:
  • Like
  • +Reputation
Reactions: [correlate], Protomartyr, Kongo and 9 others
"ControlD is a new DNS service by the makers of Windscribe VPN"
ControlD Paid plans

Paid plans introduce new customization options to the service. Customers may select between 14 categories to block, use proxy servers in 60 countries to tunnel some browsing activity (and access geo-restricted content), and maintain a remote hosts file for IP spoofing.

Some features, like the ability to create custom block profiles, are known from other advanced DNS services. The ability to use proxy servers for SMART DNS functionality is an interesting addition, especially since it can be used for specific sites, e.g. Netflix, HBO or BBC.

The scheduling option works like a temporary blocker, e.g. to block social media access while working or studying.

The two paid plans, Some Control and Full Control, are available for $20 and $40 per year. The only distinguishing factor is that the full control plan includes proxy server access while the some control plan does not.
Click to expand...
Legacy DNS​
DNS-over-HTTPS​
DNS-over-TLS​
Unfiltered​
76.76.2.0​
p0.freedns.controld.com​
Block Malware​
76.76.2.1​
p1.freedns.controld.com​
Block Malware, Ads​
76.76.2.2​
p2.freedns.controld.com​
Block Malware, Ads and Social​
76.76.2.3​
p3.freedns.controld.com​
Click to expand...
www.ghacks.net

ControlD is a new DNS service by the makers of Windscribe VPN - gHacks Tech News

ControlD is a new free and paid DNS service by the makers of Windscribe VPN that offers some interesting features.
www.ghacks.net www.ghacks.net
 
  • Like
Reactions: Stopspying, Cortex, Nevi and 8 others
I Walk MY Way said:
Its pretty much Windscribe R.O.B.E.R.T in a new dress , If you use Windscribe and uBlock Origin u dont realy need to pay for this at all ....
Click to expand...
That is not true. There are no services like ControlD out there right now. Here is something you can do with ControlD that you can't do with Windscribe (or NextDNS, Pi-Hole, Adguard, or any "Smart" DNS service).

Unlock all geo-restricted services in all countries, simultaneously:

Create custom rules for individual domains and redirect them through all Windscribe locations, all at the same time:



Or enable Global Proxy and proxy all HTTP traffic with nothing but DNS, no apps required.

There are 2 plans: DNS only - costs the same as NextDNS and has similar features (multi-device support is coming next). Proxy plan, it costs double, but you can do all kinds of magic with it. There is a 1 month trial, give it a shot. I think you will be pleasantly surprised.

There are also free community resolvers, that will enforce Windscribe's blocklists, all without an account, free forever. This is DNS only, no proxy access.
 
Last edited:
  • Like
Reactions: brambedkar59, Kubla, poopdookie and 10 others
Last edited:
  • Like
Reactions: Gandalf_The_Grey, Stopspying, n8chavez and 2 others
windscribe said:
That is not true. There are no services like ControlD out there right now. Here is something you can do with ControlD that you can't do with Windscribe (or NextDNS, Pi-Hole, Adguard, or any "Smart" DNS service).

Unlock all geo-restricted services in all countries, simultaneously:

Create custom rules for individual domains and redirect them through all Windscribe locations, all at the same time:



Or enable Global Proxy and proxy all HTTP traffic with nothing but DNS, no apps required.

There are 2 plans: DNS only - costs the same as NextDNS and has similar features (multi-device support is coming next). Proxy plan, it costs double, but you can do all kinds of magic with it. There is a 1 month trial, give it a shot. I think you will be pleasantly surprised.

There are also free community resolvers, that will enforce Windscribe's blocklists, all without an account, free forever. This is DNS only, no proxy access.
Click to expand...


Fantastic, I am testing it and so far I am impressed, minus Crunchyroll, the geo-restricted bypasser just worked fine and the resolution speed is on par or even faster than Cloudflare/Google DNS.

Is there any discount for long time brazilian Windscribe users? :p
 
  • Like
Reactions: Venustus, Cortex, CyberTech and 6 others
tsunami said:
is there any info as to where your threat intelligence is coming from?
Click to expand...
We compile a list from several online sources, you probably heard about some of them. In talk with Spamhaus to add the DBL lis.


blackice said:
I’d like to know this as well.

Also, is there an ability to have multiple profiles like on NextDNS?
Click to expand...
This is the next major thing on our todo list once we finish the current milestone of work: Multiple device support · ControlD Feedback


Cortex said:
I see in the blurb you don't recommend using a VPN with ControlID? Does this mean you don't feel a VPN including your own is useful anymore? + No PayPal?
Click to expand...
No, it will cause unexpected behavior depending on the device and DNS protocol you're using. FAQ

If you really want to, and you know what you're doing, you can use it with a VPN.

Nightwalker said:
Fantastic, I am testing it and so far I am impressed, minus Crunchyroll, the geo-restricted bypasser just worked fine and the resolution speed is on par or even faster than Cloudflare/Google DNS.

Is there any discount for long time brazilian Windscribe users? :p
Click to expand...

Crunchyroll issue has been fixed.
 
  • Like
  • Thanks
Reactions: Stopspying, Venustus, Cortex and 9 others
windscribe said:
We compile a list from several online sources, you probably heard about some of them. In talk with Spamhaus to add the DBL lis.
Click to expand...
How about Google Safe Browsing and maybe Yandex Safe Browsing? To disable these services in browsers and use only the service from DNS.

Also maybe I don't quite understand, but in the user rules there are only three options: block, redirect, bypass, but there is no allow function? That is, to open the site through a proxy and not to block it. Is it possible to implement this feature? :)
 
  • Like
Reactions: Stopspying, Venustus and Cortex
@windscribe thanks for the reply. Although multiple device support is great it is an issue for a router than only supports ‘legacy dns’. For NextDNS I can link the IP of my house to the service and use whatever filters for that to manage the whole house filtering. And then manage individual devices that can handle DoH or DoT as necessary. I suppose a work around would be your free DNS with malware filtering and then manage each device that supports encrypted DNS, but it would be nice to be able to filter the router based on the IP. I will also keep bugging the router manufacturer to add DoH/DoT support.
 
  • Like
Reactions: Stopspying, Venustus, Cortex and 1 other person
There are things I like about ControlD better, and there are things I like about NextDNS better. As has been mentioned here, multiple device support and better granularity of the filter lists, as well as analytics and logging, are better with NextDNS. But the custom rules, bypassing of services and whitelisting and global proxy are better with ControlD. I am curious though, why is a VPN not recommended in conjunction with ControlD? If it is to prevent dueling-dns-services, why not just set ControlD up as a custom dns server in your VPN app? Anyway, both these services seems really cool, and warrant further tinkering.
 
  • Like
Reactions: Stopspying, Venustus, Cortex and 2 others
n8chavez said:
I am curious though, why is a VPN not recommended in conjunction with ControlD? If it is to prevent dueling-dns-services, why not just set ControlD up as a custom dns server in your VPN app? Anyway, both these services seems really cool, and warrant further tinkering.
Click to expand...
kb.controld.com

Introduction

Find out what Control D is, and what it can do for you.
kb.controld.com kb.controld.com

Should I use this with a VPN?
It depends, but you probably shouldn't. On most devices and with most VPNs, it's simply not going to do anything, since when you connect to a VPN, you usually end up using the DNS server pushed by your VPN provider. There are exceptions to this, like Private DNS on Android, or if you configure DoH directly in the browser.

If you end up using Global Proxy or the unlocking capabilities of ControlD, using a VPN will slow everything down since you will end up triple proxying all your traffic. If that's something that you want, then by all means do it, but the performance will suffer.
 
  • Like
Reactions: Venustus, Cortex, roger_m and 2 others
CyberDevil said:
How about Google Safe Browsing and maybe Yandex Safe Browsing? To disable these services in browsers and use only the service from DNS.

Also maybe I don't quite understand, but in the user rules there are only three options: block, redirect, bypass, but there is no allow function? That is, to open the site through a proxy and not to block it. Is it possible to implement this feature? :)
Click to expand...
Redirect rule will do exactly what you want.

blackice said:
@windscribe thanks for the reply. Although multiple device support is great it is an issue for a router than only supports ‘legacy dns’. For NextDNS I can link the IP of my house to the service and use whatever filters for that to manage the whole house filtering. And then manage individual devices that can handle DoH or DoT as necessary. I suppose a work around would be your free DNS with malware filtering and then manage each device that supports encrypted DNS, but it would be nice to be able to filter the router based on the IP. I will also keep bugging the router manufacturer to add DoH/DoT support.
Click to expand...
ControlD links your IPs automatically when you interact with the website OR when you use DoH/DoT. It will work in parallel from your home IP using legacy DNS, your phone using DoT on cellular, and your roaming laptop using DoH on a random hotspot. In cases of your IP changing on your home network, and you're forced to use Legacy DNS because there is no support for DoH/DoT, what you can do is configure DoH directly in the browser that you use on this network, or something that generates DNS traffic. If your IP suddenly changes, the DoH/DoT query from your home network will authorize your IP to use Legacy DNS. This eliminates the need for Dynamic DNS setups using 3rd party services.

n8chavez said:
There are things I like about ControlD better, and there are things I like about NextDNS better. As has been mentioned here, multiple device support and better granularity of the filter lists, as well as analytics and logging, are better with NextDNS. But the custom rules, bypassing of services and whitelisting and global proxy are better with ControlD. I am curious though, why is a VPN not recommended in conjunction with ControlD? If it is to prevent dueling-dns-services, why not just set ControlD up as a custom dns server in your VPN app? Anyway, both these services seems really cool, and warrant further tinkering.
Click to expand...
Multi-device support will be added by end of June, we didn't want to hold back the release for this. We're against analytics as that requires query logging for all your activity. This is why the query log you can enable only lasts for 2hrs, and it's not stored in any permanent place. It's streamed directly from the process memory into your browser with no permanent storage. This is a Windscribe product after all....

Ad for granular blocklists, less is more in this case. We do not expose individual community blocklists, because they are riddled with false positives and have no meaning for most people. Nobody knows what they are or what the difference is unless they're super into Pi-Hole, DNS, etc. 99% of people are not.

Our blocklists are based on top of 27 different lists (~1M domains), with our own blocklists added on top, and most importantly false positives removed based on 2 years of community feedback from millions of Windscribe users. Our combined lists are much more effective than random Github lists you're probably using. Those lists are compiled by people as a hobby, we do this for a living and we have a large community that reports issues to us. Our custom whitelist has thousands of domains that are falsely blocked by most community lists.

I recommend just using our list, and see for yourself.
 
  • Like
  • Thanks
Reactions: Stopspying, Venustus, Cortex and 8 others

You may also like...