Oh, I did not mean every user should do this, just wanted to share knowledge ;). By the way, I tested this in my custom build and it works OK (the PHP way). So what I think /e/ should do is fix this, and remove the Google link in the source. I also got annoyed about the private DNS calling home thing, which I reported a year ago! And this is also easily fixable…
Do you know of a published list of hosts to manually block in NextDNS or do you just manually watch the logs?
I just went into the log and found ......dnsotls-ds.metric.gstatic.com getting through, so I added metric.gstatic.com to the denylist. Now to see if all sub-domains are blocked as well. I do have a number of blocklists already enforcing…maybe I need to add more?
You sparked me to check this with this👇 so THANK YOU!
Edit. Just found this as well👇
With NextDNS, connectivitycheck.android is blocked.
I have decided to trust NextDNS even if it is not open source. Before, I used Quad9. But in any case, one has to trust a DNS server, so why should Quad9 be more trustworthy than NextDNS? So let’s go for NextDNS.
Any opinion?
I like the FDN.
But NextDNS allows filtering and monitoring.
Something I have noticed in NextDNS: we have to allow “mtalk.google” in order to have Signal notifications work properly.
I was thinking this too but then I read this which has started further thought. Any ideas?
Or DNS fingerprinting. I’m looking at my DNS logs a lot; patterns can be found…
“Privacy Central”, which I believe will do much of this tracker filtering at the system level, can’t get here soon enough!
Please share what you find further. Does this make you think of changing DNS? And thank you for your help.
Edit: Only FOSS apps and a few from Aurora can be found on my phone. The host file blocking here is a very nice feature. More discussion on /e/'s app store that I am following even though I don’t use it.
The NextDNS privacy policy sounds great! But unfortunately one must trust, so once again another subjective choice! Back to original thought
Going back to a flip phone looks more and more appealing.
I think all flip phones in the U.S. run Android now, don’t they? In any case, an old flip phone won’t work without VoLTE, sadly.
Just no access to apps, correct? To your point I’m sure there is and will increasingly be tracking in “dumber” phones.
I don’t know.
Phones generate a certain pattern depending on the apps / OS installed. In my case I have some very specific calls to domains because I own them :). I think I have to let go of my desire to be anonymous all the time… It is just not possible. NextDNS promises to not log your queries; that helps…
Nope. I don’t know.
For Signal, I noticed notifications were not available as soon as I switched to NextDNS. After checking the log, I saw mtalk.google was very regularly blocked. A quick search in DuckGo made me find that this tracker was needed. Then I whitelisted it and Signal notifications came back immediately.
The fact that Signal needs a Google tracker to work puzzles me a bit…
I am seeing this too. In my log it is blocked and notifications don’t come through till I open the Signal app.
Whitelist it and Signal will be alive again… But what to think about that?
@XjFred Yes, I can add it to the “Allow list”. Now the question… What info does Foogle get when that tracker goes home? I don’t know what I don’t know… Any ideas?
Also it appears if I leave Signal open and just minimize it (don’t close it) that notifications are working even with mtalk.google blocked. Do you see the same?
If someone runs a forward facing NextCloud with an owned domain…does this too allow for DNS fingerprinting?
Yes, the same until my phone goes in “sleep mode”.
Yes, I don’t know if this is being done though; I looked at my DNS log record and thought, well, this is also a fingerprint :).
Might be time for me to move to Silence and bring people (family/friends) with by showing this.