search

privacytools / privacytools.io

πŸ›‘πŸ›  You are being watched. Protect your privacy against global mass surveillance.
https://www.privacyguides.org
Creative Commons Zero v1.0 Universal
3.11k stars 384 forks source link

πŸ†• Software Suggestion | AhaDNS #2193

Open oXyiGYJ opened 3 years ago

oXyiGYJ commented 3 years ago

Basic Information

Name: AhaDNS (previously Pi-DNS Category: DNS Privacy Policy: https://ahadns.com/privacy-policy/ Protocols: DoT, DoH, DNSCrypt(?) URL: https://ahadns.com/ Server Locations: India, Netherlands, US (LA and NY)

Description

AhaDNS (previously Pi-DNS) is a zero logging DNS with support for DNS-over-HTTPS & DNS-over-TLS.

Reason for name change: https://www.reddit.com/r/ahadns/comments/jy0qg3/pidnscom_have_changed_name_to_ahadnscom/ Hobby project per the creator.

FAQ: https://ahadns.com/faq/

Why I am making the suggestion

We need more good choices.

Required Features

My connection with the software

No affiliation.

Edited: Updated to new DNS template.

oXyiGYJ commented 3 years ago

Would like feedback on this for those that have used them before as well as any newcomers with more skills looking into these things than I.

One thing I am not a fan of is the reCAPTCHA on the site. Not that it affects the DNS portion (?)

freddy-m commented 3 years ago

I'm in favour of adding this @privacytools/editorial

TrashPandaCodingGarbage commented 3 years ago

AhaDNS is not exactly zero-logs DNS:

We do keep some anonymized statistics over each server, containing data such as, but not limited to, total number of DNS requests, total number of DNS requests blocked, type of DNS query (A, AAA, CNAME etc) and type of answer (NOERROR, NXDOMAIN, NODATA etc). The statistics do not contain any information about the content of the DNS request, such as the domain requested, or the requesting IP address.

We do not log or store any personal DNS request data. This means that we don’t know anything about what requests a specific user have made. We do keep some anonymized statistics over each server, containing data such as, but not limited to, total number of DNS requests, total number of DNS requests blocked, type of DNS query (A, AAA, CNAME etc) and type of answer (NOERROR, NXDOMAIN, NODATA etc).

When sending a request using DNS-over-HTTPS (DoH) or DNS-over-TLS (DoT) we do log that a request have been made. This log entry contains a masked IP address, meaning that a request from IP 192.192.192.192 is logged as 192.192.0.0. This log entry does not contain the full IP address of who made the request or any data of the request content. This log is saved for a maximum of 24h for debugging purposes.

So, they do collect some metadata by which they are unable to identify an user. I'm in favor of adding them, with "Some Logging" flag on PTIO.