How DNS Leaks Reveal Your Browsing History
Techquickie
·Techquickie
·2019-05-06
·
1,003 words · ~5 min read
0:00
Thanks for watching Techquickie. Click the subscribe button, then enable notifications with the bell icon so you won't miss any future videos.
0:06
So I would argue that it's healthy to be a little concerned about the people who follow you around online,
0:12
be it the government, unscrupulous advertisers, or maybe your crazy ex who swears she'll never love another man.
0:20
But even if you've taken all of the obvious precautions including hiding behind seven proxies,
0:25
browsing only in incognito mode, whole drive encryption, and stationing an attack dog outside of your computer room,
0:32
unfortunately, there might still be an insidious hole in your defenses that could expose a fair amount about you.
0:38
I'm talking about DNS leaks.
0:40
And if you don't know what the DNS is, you can check out our other video right up here on how it works.
0:45
But simply put, it's the system that matches web addresses you enter, like youtube.com, to numerical IP
0:52
addresses so that your web browser will know which site to bring up.
0:55
And
0:55
now typically, whenever you try to visit a new website, your computer will ask a DNS server maintained by your ISP for its IP address.
1:04
Now this means that your ISP knows which sites you're visiting, which normally wouldn't be an issue,
1:10
but if you're doing something sensitive, you may not want your ISP to have this information,
1:15
especially if they're logging it indefinitely or, much worse, selling it to third parties.
1:20
Oh, but come on John, that's amateur hour stuff.
1:23
I use a VPN that I pay
1:25
actual money for, so I'm totally safe, right?
1:28
Well, maybe not.
1:30
Depending on how your VPN is configured, it might be using a secure encrypted tunnel to connect you with the websites themselves,
1:36
but the DNS request to help you navigate to those sites might still be going to your ISP's DNS server.
1:43
Now this is because some operating systems, and Windows is notorious for this, will rely on whatever DNS server it is saved as the
1:51
default. So if this is your ISP's, it might completely
1:55
ignore the fact you have a VPN running and send all of your browsing requests to your ISP anyway.
2:00
Now, they won't see exactly what pages you're visiting or the contents of a message you type,
2:06
but they can build a shockingly robust profile of your online life based on just this information alone.
2:12
So how can you plug these pesky leaks?
2:15
Well, if you are using a VPN you trust, the most straightforward way is to enable its anti-DNS leak feature,
2:21
which will encrypt and route all DNS requests to the ISP.
2:23
So how can you plug these pesky leaks? Well, if you are using a VPN you trust, the most straightforward way is to enable its anti-DNS leak feature, which will encrypt and route all DNS requests to the ISP.
2:25
So how can you plug these pesky leaks? Well, if you are using a VPN you trust, the most straightforward way is to enable its anti-DNS leak feature, which will encrypt and route all DNS requests to the ISP.
2:27
After turning this setting on, you can test it as a site that checks for any remaining leaks to see if it's functioning properly,
2:33
and we'll put a link to one of those sites down in the video description.
2:35
And even if you're not using a VPN, you can still route DNS requests through different servers if you don't trust your ISP.
2:42
There are a number of publicly DNS servers out there that you can find with a little research.
2:47
Two of the more notable ones are run by Google and CloudFlare.
2:51
To set this up just bring up your IPv4 settings under
2:55
Ethernet properties in Windows and enter the IP addresses of the DNS servers
2:59
you'd like to use. Though Windows 8 and 10 users should note that a new feature
3:04
called SMHNR, that's a mouthful, anyway, well it could still route your request
3:11
through your ISP, so we've linked a plugin that can disable it in the video
3:14
description if you're using a VPN. And well-regarded public DNS servers can
3:19
have other benefits. For example, Google claims that their service only keeps
3:23
logs of users' IP addresses for 48 hours before deleting them, provides speed
3:27
improvements in many cases, and encrypts your DNS requests as well. Of course, no
3:32
matter who you use, you're still trusting essentially some rando, just not your ISP.
3:37
To be respectful of your privacy, so read their privacy policies thoroughly. You
3:42
don't want to spring a leak somewhere else, or else your request for privacy
3:45
will end up feeling kind of like a boat ride in a pasta strainer. And speaking of
3:50
racing across the lake in a pasta strainer,
3:52
are you ready to go?
3:53
Are you racing against the clock as a freelancer? It's challenging, but with the
3:56
growth of the internet, there's never been more opportunities for the
3:58
self-employed. To meet this need, check out FreshBooks Cloud Accounting
4:01
Software, designed for the way that you work. It's the simplest and easiest way
4:06
to be more productive, more organized, and more importantly, get paid quickly.
4:09
Create and send professional-looking invoices in less than 30 seconds, set up
4:14
online payments with just a couple of clicks, and get paid up to four days
4:17
faster. See when your client has seen your invoice and put an end to the
4:21
guessing games.
4:22
FreshBooks is offering a 30-day unrestricted free trial to our viewers.
4:25
To claim it, just go to freshbooks.com slash techwiki and enter techwiki in the
4:30
how did you hear about us section.
4:31
Okay guys, thanks for watching. Like, dislike, check out other channels, leave a
4:35
comment down below with your ideas for future videos, and don't forget to
4:38
subscribe.