Domain Name Server (DNS) Privacy
Due to a lack of privacy, many computer users are switching from using the Google search engine to a private search engine, such as StartPage or DuckDuckGo.
Private search engines do not keep a log of your computer’s IP address, your search queries, the website you came from, and the websites you click on in the search results. But, using a private search engine is only part of the solution to maintain privacy.
When you click on a web link to a website or when you type in a website name in your web browser, you are entering the domain name of the website. To make websites easier to use and remember, we use website domain names, such as Google.com. But, each website has a number, known as an IP (Internet Protocol) address.
For example, one IP address for Google.com is 184.108.40.206, using 32-bit numbers, with IP version 4 (IPv4). IP version 6 (IPv6), a newer standard, uses 128-bit numbers, to accommodate the fast-growing number of new addresses. An IP address may be configured to be fixed (static IP) or it may change from time to time (dynamic IP).
When you go to Google.com, the DNS server that you have configured for your system will look up the website name and find the corresponding IP address. Then you will be connected to that IP address. DNS works like a phone directory, where you look up a name, find the phone number, then connect to that phone number. Since a dynamic IP address may change, the DNS server will look up the IP address periodically, to make sure it has the latest IP address.
There are many DNS servers available to choose from. They do not all contain the same listings in their lookup tables. Some DNS servers may block access or censor certain websites such as known malicious websites, adult content, political content or other content, or they may use speed throttling to slow down your connection.
If you are using a DSL modem or router provided by your Internet Service Provider (ISP), you are probably using a DNS server owned by your ISP. Your ISP can keep a record of every website you visit. Some users have changed their DNS settings to use DNS servers owned by Google. This means that Google can keep a record of every website that you visit.
Your website browsing history can be compiled into a profile of your location, interests, hobbies, tastes, preferences, culture, opinions, news sources, political and religious views, shopping, banks and companies you do business with, medical information, etc. to be used to display targeted advertising on your web browser or for other purposes of building a profile of your internet activity.
DNS Browsing Privacy
For privacy, you can choose a DNS server that does not log your website visits, or that deletes the log after a short time.
One place to find a DNS server that does not keep logs is at OpenNIC.org. You can choose a DNS server in the USA or in a foreign country, from the list provided at OpenNIC Servers, Tier 2. Find a server that says “no logging” or “logging disabled“.
Choose two servers, in different geographic locations for diversity. One server will be your primary DNS server. The other will be your secondary DNS server, used as a backup when the primary server is not working. For fastest website look-up, choose a DNS server location close to your location, not far away.
Write down the IP addresses for the primary and secondary DNS servers you want to use. You can look up those IP addresses to do research on those servers before you use them. Then follow the instructions in the user manual or help section for your router or internet adapter. It will explain how to enter the IP address for your selected DNS servers. If needed, get help from a computer technician or system administrator.
OpenNIC DNS servers can look up the websites that you want to visit, without blocking, censorship or speed throttling. DNS servers that do not keep logs will help to maintain your privacy, along with using a private search engine to keep web searches private.
For protection from malicious websites, add firewall software that checks a website’s reputation and blocks the malicious connection. Also, use strong anti-virus software.