redpill me on quad9, and ways to make my internet browsing more private and safe. i have no idea how dns work. ideally, i'd also love if it could be set up to block ads and porn too.
>>105766143 >>105766153 mullvad is only partially open source while quad9 is completely open source. one is based in sweden the other in switzerland. mullvad is a private company while quad9 is a non-profit.
mullvad certainly has more features, but i dont know which of the two is better.
>"threat" blocking big nope, they use it to block sites they don't agree with politically and call them "threats" you should be using no log, no filter DNS servers with good response time.
>>105766099 (OP) Use this on your desktop, it automatically selects the fastest one for you and encrypts your queries over the wire https://github.com/DNSCrypt/dnscrypt-proxy
Anonymous
7/1/2025, 6:53:24 PM No.105767715
>>105766215 >mullvad is only partially open source while quad9 is completely open source.
>>105768101 nevermind, I have to specify an actual server like https://us-nyc-dns-601.mullvad.net/dns-query instead of just using what's in my pic because otherwise it defaults to a server in singapore meanwhile quad9 it doesn't do that
Anonymous
7/1/2025, 8:14:53 PM No.105768459
>>105766099 (OP) >make my internet browsing more private and safe that says nothing. private from whom? safe how? >block ads and porn it can do that, but not all ads can be blocked at the DNS level, you'll most likely need an application level blocker anyway, like a browser addon
>>105768459 >private from whom? safe how? like, my isp not being able to spy and collect data on every single website i use. >>105768459 >a browser addon i already use ublock origin, but it would be nice to have some level of ad blocking at the wifi level so that it works for my boomer relatives too and whatnot.
>>105768509 most of your data is already encrypted with HTTPS. DNS can also be encrypted (over HTTPS or over TLS). Encrypted Client Hello is something that can help obfuscate initial DNS queries. Most websites don't have a fixed IP address nowadays, so the ISP seeing what IPs you connect to won't do much, but you can use a VPN or Tor to obfuscate where you're connecting to. You can even use Tor bridges to obfuscate the fact you're connecting to Tor, if you're that paranoid or if Tor is illegal in your cunt.
>>105772096 Not OP, shame everytime I find something new to use and it looks good, I learn about stuff like this. Not a deal breaker I think for the journeyman.
Anything other than pure Unbound with DNSSEC and a couple of blocklists is 100% placebo which won't really do what you think it will, and will never ever change the end result except adding a third party to the chain.
>>105766099 (OP) >quad 9 i used it for a bit because I like chara and freedom but they are still censoring a ton of DNS locations for things like shared resources like libgen. I hard dropped them for uncensored dns >how does a dns work it turns internet addresses into IP numbers.
Anonymous
7/2/2025, 6:23:12 PM No.105778379
>>105775482 they literally hijack dns requests so they cant leave my network
>>105766099 (OP) > Get a box you can run 24/7. It can be a rpi, or a small one. Or a $2 vps or something > Install docker > Have a small compose file written for pihole or use > docker compose pull > docker compose up -d > Set the dns of pihole to anzthing > Configure the dns of piuhole to block ads, porn, antisocial media and whatever > Set the dns of your boxen to pihole
Advanced: > Include unbound in your compose file for a fully recursive dns server (that relies on no third parties, but always start querying from the tld routing table) > Set pihole dns to unbound
i've been using it for years, and i'd say its the best option bar hosting your own dns. they dont store logs (allegedly, but as with all dns providers you just have to take their word for it) and support DoH.