> Quad9 collects: > > - Aggregate count of IPv4 queries per site ..... > - Aggregate count of queries matching each blocked domain per site, for > queries which are directed to the malware-filtering addresses. > > In the future, Quad9 may also count aggregate number of queries matching > blocked domains by origin AS, but there’s no active project to implement that.
As any other centralised service, a DNS resolver will implicitly collect and pass on any traffic that goes through it. DNS has no protections against that, and I believe it was never the point of the protocol that it does. Integrity is a bigger issue and there are many examples where it is actively being violated - this is at least partially addressed by DNSSEC. The question is what happens with the data. Deleting it right away would be a good start, and I'm pretty certain Google isn't doing that. Quad9, as you explained, is at least saying they don't keep any individual records, but collect aggregate information. > While you’re right, that has no bearing, since the labels aren’t being > collected. In the end, this is a question of who you trust and who you don't. I'm not sure if switching from one centralised service to another is a good idea, but my initial complaint was more directed at the fact that an ISP is delivering data about a customer's habits to the one of the biggest service providers on the planet on a silver platter, and without their customer's consent to boot. That's not ok. _______________________________________________ swinog mailing list [email protected] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
