cross-posted from: https://lemmy.ml/post/26984767

DNS0 EU

The European public DNS that makes your Internet safer.

A free, sovereign and GDPR-compliant recursive DNS resolver with a strong focus on security to protect the citizens and organizations of the European Union.

  • towerful@programming.dev
    4 hours ago

    You can get a lot of metadata from DNS lookups.

    Traditional DNS is just simple UDP. There is no authentication of authority.
    There are actually DNS attacks where - if you are intercepting the traffic - you can reply faster than the actual DNS. At which point the client will trust whatever you return as it arrived first.
    Indeed, that’s how multiple DNS addresses work. Your computer will yeet a request to all configured DNS. First response gets used.

    Also, as it’s unencrypted, anyone that can snoop the traffic can see what domain names you are requesting.

    There are a few standards that are working to solve this, including DoH (DNS over HTTPS) and DoT (DNS over TLS).
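
An added example, not part of the comment above or of DNS0 EU's own code: it parses the cleartext header and question of plain DNS messages, which is what an on-path observer can read, and flags lookups that received more than one differing response for the same transaction ID and name. The packets, names and addresses are constructed sample data, and all function names are hypothetical.

```python
import struct
from collections import defaultdict

def encode_name(name):
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"

def build_message(txid, name, answer_ip=None):
    """Construct a minimal DNS query, or a response carrying one A record."""
    flags = 0x8180 if answer_ip else 0x0100  # QR bit (0x8000) marks a response
    header = struct.pack("!HHHHHH", txid, flags, 1, 1 if answer_ip else 0, 0, 0)
    msg = header + encode_name(name) + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    if answer_ip:
        rdata = bytes(int(o) for o in answer_ip.split("."))
        # 0xC00C is a compression pointer back to the question name at offset 12
        msg += struct.pack("!HHHIH", 0xC00C, 1, 1, 60, 4) + rdata
    return msg

def parse_header_and_question(msg):
    """Return (txid, is_response, qname); none of these fields is encrypted or signed."""
    txid, flags = struct.unpack("!HH", msg[:4])
    labels, pos = [], 12
    while msg[pos] != 0:
        length = msg[pos]
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    return txid, bool(flags & 0x8000), ".".join(labels)

def find_conflicting_responses(packets):
    """Flag (txid, qname) pairs answered more than once with different content.
    Assumption: one client; a real capture would also key on client IP and port."""
    seen = defaultdict(list)
    for msg in packets:
        txid, is_response, qname = parse_header_and_question(msg)
        if is_response:
            seen[(txid, qname)].append(msg)
    return sorted(key for key, msgs in seen.items() if len(set(msgs)) > 1)

# Constructed capture: one query with two competing answers, and a normal lookup.
CAPTURE = [
    build_message(0x1A2B, "example.org"),
    build_message(0x1A2B, "example.org", "192.0.2.10"),
    build_message(0x1A2B, "example.org", "198.51.100.7"),
    build_message(0x3C4D, "example.net"),
    build_message(0x3C4D, "example.net", "192.0.2.20"),
]

if __name__ == "__main__":
    for pkt in CAPTURE:
        print(parse_header_and_question(pkt))
    print("conflicts:", find_conflicting_responses(CAPTURE))
```

Identical retransmissions are not flagged, because only responses whose bytes differ count as a conflict.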