Enable This Setting on EVERY Web Browser
Вставка
- Опубліковано 2 сер 2024
- Did you know about this feature?
⇒ Become a channel member for exclusive features! Check it out here: ua-cam.com/users/ThioJoejoin
Links:
• DNS Test 1 ⇨ www.cloudflare.com/ssl/encryp...
• DNS Test 2 ⇨ 1.1.1.1/help
• Configuration Profiles: github.com/paulmillr/encrypte...
▼ Time Stamps: ▼
0:00 - Intro
2:59 - Before Getting Started
3:44 - Enabling on Web Browsers
4:56 - On Android
6:32 - On iPhone & iPad
9:35 - On Mac
10:35 - On Windows
11:13 - What is ESNI & ECH?
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Merch ⇨ teespring.com/stores/thiojoe
⇨ / thiojoe
⇨ / thiojoe
⇨ / thiojoetv
My Gear & Equipment ⇨ kit.co/ThioJoe
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ - Наука та технологія
He's so powerful. He can slide buttons with his fingers no mouse required.
Haha
Very impressive technology. I believe it is called touchscreen
@@larsthestorf5630 There's no screen behind him. He literally pulled the image out of the PC to slide the button and put it back. Catch up.
@@KiickrOcksz yes.
He's had wizard training.
been using private dns a year already, so far so good it also improves my connection
A few comments:
1. DNS lookups should preferably be done by the network stack in the operating system, not by the application, such as a browser. It might cause that different applications on your computer to connect to different IPs for the same site due to different IPs being returned by the DNS used by the browser and the DNS used by the OS.
2. So your ISP can't just look at your secure DNS requests to see what sites you're connecting to, but instead, Cloudflare gets to see all DNS your requests, so who to trust?
3. Some companies/organizations etc, use special domains and/or names for internal resources that are not resolvable by an external DNS provider like Cloudflare, so you might no be able to access them.
Cloudflare's main business is hosting sites and data for other companies, accessible with high performance and protection from DDoS attacks globally. Using dynamic DNS resolvers that map a name to different IP addresses based on network and system load, your location, location of data needed to serve your request, and so on, is an important part of that service.
Might they have additional motives to see as many DNS requests as possible? Let's say Bank A is a Cloudflare customer, would they be willing to pay for data on DNS requests for Bank B from a certain region for example? Of course, they would!
I'm not saying that Cloudflare does it today, but we all know that there is immense value in data regarding customer behavior.
I'd say running your DNS requests through Cloudflare, a company with a pretty decent track record in regards to privacy, is a lot smarter than running it through your ISP's DNS servers, especially since most major ISPs are known to be doing anything they can to spy on their users and then sell their data. Is it a perfect solution? No, especially not if Cloudflare ever decides to go crooked, but like I said, it's better to go through a service run by a company with a good track record than go through a service run by an ISP that is almost certainly trying to sell your data.
Cloudflare can already read all the data unencrypted for all its customers. And it's quite a big prercentage of websites who are using cloudflare. So dns is not that big of a deal
Thank you for splitting the spands of the video up to different chapters, this makes it allot easier.
Very good cursory discussion on the why this information is important. The browser demonstrations that you provided were easy to follow. Love that this video was short and got to the point.
Bro I am one of your old subscribers... I always liked each videos of yours. Always learnt something new! You are so easy to understand. Massive respect.
He didn't see my comment 💔
@@meowxgamingstuff He doesn't have to. Plus, he has stuff to do. Don't be offended.
who else misses the poll feature lol, I remember all his videos had a stupid poll at the beginning...
Yeah i do
wait it was REMOVED? i thought ppl just hardly used it
Yea it's a shame
@@flop-00 it was removed a long time ago
I didn’t know they were removed, I just thought it was a mistake when people said “You can vote in the poll” and there is no poll
Thank you for the helpful information & tutorial!
Thanks, bro.
been doing DNS over TLS for a while at the router level
How??? Please share
Xd
I love the way he tries to dumb things down so even I can understand them. It didn't work, but I still appreciate the effort.
Reason number 3: some countries like Australia have “metadata logging laws” where your ISP logs headers of your traffic and thus knows which websites you are visiting when you make requests via standard unencrypted DNS. If the DNS lookup is encrypted then this makes it harder for a third party (government, law enforcement etc) to track your browsing activities.
I run a small ISP, we don’t log headers of traffic if the customer has a public IP. Only ISPs using CGNAT where the end user has a private ip need their source, destination and port accessed logged
Yes they won't see your DNS traffic but they will see the ip address of the website you connect to. So it's not really stopping them. Only way I see is to use tor or vps/vpn/proxy. They will see the connection but have no information about specific activities.
Great, great tips! I had never heard of it, thanks Joe
Thank you very much for this video. I learned a lot today. It's a good thing I have a new Samsung. I followed your instruction for it. Thanks, ThioJoe.
Me: So many work to do.
ThioJoe: *new video*.
Me: watches video anyway 😁.
Thx you for clarifying this cdn affair and others! You are right: "certainly, more knowledge than you are bargaining for..."
Nice video Joe keep up the good job
Thank you, your videos are always so informative! Unfortunatly I came across this one too late as esni has been pulled from Firefox-esr and replaced with something else (which seems to be incomplete). There's now no protection for SNI....unless you know something I don't and I'm pretty sure you DO! 🙂
thiojoe thank you for teaching us really good tips for windows! cant wait to see u get 3m subs!
The best youtube channel.....thanks joe for sharing valuable knowledge :)
I just set my private dns in phone with cloudflare
Love this video❤️
Always interesting, thanks.
Nice vid. It was very helpful. Thanks 👍🏻👍🏻
I do this the most secure method: I handwrite each DNS request, put it in an envelope, mail it, and wait for the reply.
Government can read your mail! Oh no!
That's a silly way - you should be using smoke signals. And they should be in encoded Klingon.
I use a track and field hamster team to courier those envelopes myself ..... those hamsters are a moving...!!!!
The ping must hit negative time then!
@@davidwallin7518 So many people know Klingon now, you have to encrypt it to be safe.
Thank you for the information!
Amazing channel! i have seen already your ssd failure video and this one and i can say that i am so benefited. Btw what about Linux machines?
Pretty informative and usefull video.
Thanks!
Thank you for the video!
I just checked my firefox and it's already enabled. Nice.
Thanks, Thio for this video it's really useful.
Thanks, these are pretty useful
Great content as always.
Really useful!
Thank you, your vids help alot.
thanks bro..more power to your channel
Thanks so much for the info
Very informative, Thanks!
Good vid thanks for the info
the video came out 16 minutes ago? this dude gone in the future and commented fr 😂💯
They got secret illuminati access
@@ThioJoe 😂
You deserve more views :(
man i like all ur videous thnks for these things
Thanks Thio! I'm one step closer to getting my pc to *MAXIMUM* power.
Comodo Firewall with cruelsister settings
Bitdefender AV
O&O Shutup10
I do this in Control Panel which gives a....'global effect' to this setting rather than effecting just one browser.
It can also be changed in Settings under Network & Internet \ Ethernet - then click on Edit next to DNS Server assignment
Is there any benefit to doing both? I have a private DNS setup on my network adapters.
Thank you Joe !
Thanks for this wanted cloudflare on my iPhone
Great video!
Super helpful, especially for iOS. thank you 😃
Did it. I trust you man. Thanks.
Very nice video explained everything well
What a fascinating video.
Great vid Theo
Thx a lot for this vid!!!!
Thanks bro
Great channel, wish u had more mac stuff
Wow!! I'm so happy that I'm in this video. Thank you ThioJoe
10 hours ago...
How?
@@linr3v730 the video was unlisted
@@linr3v730 He is a member
Lol 10 hours ago😂🤔
Very useful👍
"Wu Tang Lan" killed me
Thank You Sir. 💥💯
Thank u Man, u are Great.
Thanks Man .you amazing.
It was already enabled on my Firefox browser, but thanks for the heads up.
I have AdGuard DNS configured directly on my router. Greatly increases my connection speeds by automatically blocking spammy ad URLs from loading at all on my network.
Just setup NextDNS on my router and it's been flawless, ended up paying the $20 yearly fee because I easily topped out at the 300,000 queries mark
Nice one
I wish I could upvote this more than once.
Damn good video. Keep it up.
Thanks!
Ahhh this video is so good thnx u
good video Quad9 is also another good one even better than Cloudflare when it comes down to security
I changed it like you mentioned but the test site still gives me a question mark for Secure DNS.
What is the difference between changing DNS from WI-FI setting and chancing from browser or system settings.
If you set DNS up on your router, all devices in the local network will use the same DNS.
If you set DNS up on your browser, it will only use the DNS on your specific browser.
If you set DNS up in the settings of your phone, it will use the DNS in all apps system-wide, but only and only on this particular phone.
seems to me if your router had already set to a version of the "DNSS", the handshake check gives false negative ( or if you have a another app like say a app manager app with a VPN, it also happens the same. disabling that VPN gives a postive)
Very informative. Thank you !
Edit: uh...yea, I got lost. Hackers may intercept where you're going by reading an unencrypted name - I don't think it will ever be secure; just very, very complex.
Just a note to anyone doing this for iOS or iPadOS: You must do this in Safari, not in your preferred browser for the profile to be acknowledged by the system. Otherwise it’ll just downlload but won’t show up in Settings.
Also the Profiles setting doesn’t show until you have it downloaded in safari
Thio joe is the best youtuber ever
I am one of the youtubers of all time
I was waiting for this video but I fell asleep 😞. It's 12:30am here in the Philippines
Turned DoT on for cloudflare in my router which has the option (The router node of an Asus XT8 mesh system). Cloudflare's browsing check says everything is secure except for the "Secure SNI" as mentioned near the end of the video.
From my understanding this should work fine as long as the web browsers of each client on my network specifically direct all DNS queries to the router.
SNI is not yet supported by many routers and servers, however as long as your DNS is secure you should be fine.
Owesome bro
Muchas gracias por el gran tutorial. Pero me quede en duda. Si es posible hacer una configuración del DNS del Router de la casa... podrías ayudarme con mi duda por favor...
I love it nice
Very important 👍
Hlo bro! You are my hero of computer science🖥️💻😊😊😇😉
I run my own, done that for many years now 😀
Good Video
I’ve heard that people won’t use HTTPS for DNS due to the fact that it forces your browser to resolve to a big-scale DNS rather than more local ones
Wow great friend
I love you so much joe you are best youtuber you are my uncle❤️❤️❤️❤️😍😍
A system wide DoH/DoT for Windows OS are possible, if it would follow upon how DNSCrypt was implemented/deployed for client side.
Do I need to encrypt SNI too? Currently it is not.
EDIT: LOL you are already addressing it. Great.
Hi thank you for that
Whenever I see a thumbnail with a person putting there fingers on a button or switch. I remember, ThioJoe
Nice!
Turn off privacy sandbox in chrome settings though so it doesnt send your (slightly anonymised but still gives them a good picture of what you do) browsing data to websites
Do you know how this can be set up without losing access to local IP addresses (like Router Interface etc.)?
Great stuff man,
The only problem is for some reason in Google Chrome on desktop once I close out of Google Chrome, DNS is no longer secure and so I have to fix the setting every time I open Chrome, how do you save this browser setting?
To Enable DNS over HTTPS (DoH) on the Opera Browser,
Click on the Opera icon to open the browser's menu,
Pick Settings from the menu,
In Settings, click on Advanced
On the right, scroll down to the System section.
Turn on the option Use DNS-over-HTTPS instead of the system's DNS settings.
Would I need to do this if I already have Cloudfare set at the router level (to point to their DNS) ?
Should I do both DoH and DoT? Also do I need to do a reboot on an iPhone after install?
What is the cool file thing on the top right of the monitor on your desktop?
Hey ThioJoe: I got the cloud flare dns to work on my Android but am still vulnerable to SNI hacking?
Yes. Ech is still in draft stage and no software supports it. Even Firefox's implementation is currently broken afaik. Your best bet is to grab an older version of firefox for Android with working esni and use that for web browsing
Is this similar to using a DNS on the router level? I have an Asus AC88U. There is a WAN DNS Setting under the Advanced Settings - WAN. Would this work the same without configuring individual devices?
Are you gonna make a video on Chrome 91?