DivestOS vs. /e/ OS - security and privacy easy

Oh I did not mean every user should do this, just wanted to share knowledge ;). By the way I tested this in my custom build and it works ok (the php way). So what I think /e/ should do is fix this, and remove the Google link in the source. I also got annoyed about the private DNS calling home thing which I reported a year ago!, and this is also easily fixable…

evil code here

3 Likes

Do you know of a published list of hosts to manually block in NextDNS or do you just manually watch the logs?

I just went into the log and found ......dnsotls-ds.metric.gstatic.com getting through so I added metric.gstatic.com to the denylist. Now to see if all sub-domains are blocked as well. I do have a number of blocklists already enforcing…maybe I need to add more?

You sparked me to check this with this👇 so THANK YOU!

Edit. Just found this as well👇

1 Like

With NextDNS, connectivitycheck.android is blocked.
I have decided to trust NextDNS even if it is not open source. Before, I used Quad9. But in any case, one has to trust a DNS server, so why should Quad9 be more trustworthy than NextDNS? So let’s go for NextDNS.
Any opinion?

1 Like

Hello.

https://www.fdn.fr/actions/dns/

:wink:

4 Likes

I like the FDN.
But NextDNS allows filtering and monitoring.

Something I have noticed in NextDNS: we have to allow “mtalk.google” in order to have Signal notifications work properly.

2 Likes

I was thinking this :point_up_2: too but then I read this :point_down: which has started further thought. Any ideas?

Or DNS fingerprinting :slight_smile: I’m looking at my DNS logs a lot, patterns can be found…

1 Like

“Privacy Central”, which I believe will do much of this tracker filtering at the system level, can’t get here soon enough!

Please share what you find further :point_down:. Does this make you think of changing DNS? And thank you for your help.

Edit: Only FOSS apps and a few from Aurora can be found on my phone. The host file blocking here is a very nice feature :point_down:. More discussion on /e/'s app store that I am following even though I don’t use it.

The NextDNS privacy policy sounds great! But unfortunately one must trust, so once again another subjective choice! Back to original thought :point_down:

Going back to a flip phone looks more and more appealing :smiley:.

I think all flip phones in the U.S. run Android now, don’t they? In any case, an old flip phone won’t work without VoLTE, sadly.

1 Like

Just no access to apps, correct? To your point I’m sure there is and will increasingly be tracking in “dumber” phones.

1 Like

I don’t know. :man_shrugging:

Phones generate a certain pattern depending on the apps / OS installed. In my case I have some very specific calls to domains because I own them :). I think I have to let go of my desire to be anonymous all the time… It is just not possible. NextDNS promises to not log your queries, that helps…

1 Like

Do you know if this is needed for Silence as well?

Nope. I don’t know.
For Signal, I noticed notifications were not available as soon as I switched to NextDNS. After checking the log, I saw mtalk.google was very regularly blocked. A quick search in DuckGo made me find that this tracker was needed. Then I whitelisted it and Signal notifications came back immediately.

The fact that Signal needs a Google tracker to work puzzles me a bit…

1 Like

I am seeing this too. In my log it is blocked and notifications don’t come through till I open the Signal app :frowning: .

Whitelist it and Signal will be alive again… But what to think about that?

@XjFred Yes, I can add it to the “Allow list”. Now the question… What info does Foogle get when that tracker goes home? I don’t know what I don’t know… Any ideas?

Also it appears if I leave Signal open and just minimize it (don’t close it) that notifications are working even with mtalk.google blocked. Do you see the same?

@andrelam

If someone runs a forward facing NextCloud with an owned domain…is this too allowing for DNS fingerprinting?

Yes, the same until my phone goes in “sleep mode”.

1 Like

Yes, I don’t know if this is being done though, looked at my DNS log record and thought, well this is also a fingerprint :).

2 Likes

Might be time for me to move to Silence and bring people (family/friends) with by showing this :+1:.