I created a new diagram that illustrates the popularity of DNS resolvers used by exit relays. The diagram shows nine autonomous systems that hosted the most popular resolvers at some point over the last months. These autonomous systems are owned by Google, INIT7, LeaseWeb, Visual Online, OVH, OpenDNS, NForce Entertainment, Cyberdyne, and Level3. The x axis shows time and the y axis shows the fraction of DNS requests that the respective AS can observe: https://nymity.ch/dns-traffic-correlation/img/exit-resolvers-2015-05.png
The two most popular setups are Google's 8.8.8.8 and local resolvers, i.e., exit relays doing their own resolution. Occasionally, Google got to see more than 40% of all DNS requests exiting the Tor network. That is concerning, particularly given Google's role in the PRISM program. No other autonomous system is getting even close.
Please refrain from using 8.8.8.8. Instead, set up your own resolver, or at least use the one provided by your ISP. Here's Peter's quick guide on how to set up your own resolvers [1]:
On Thu, Jan 08, 2015 at 04:11:09PM +0100, Peter Palfrader wrote:
o apt-get install unbound o remove all nameserver entries in /etc/resolv.conf and add one for the local recursor. Either manually or use (untested): sed -i -e 's/^nameserver /#&/; $a nameserver 127.0.0.1' /etc/resolv.conf o prevent anything else from modifying that file ever again: chattr +i /etc/resolv.conf
Note that running your own resolver is not universally safer because the exposure of DNS requests to network adversaries is greater. It's a tricky trade-off that we are currently trying to understand better [2], but increased exposure to network-level adversaries seems less bad than having Google see almost half of all DNS requests.
If you are wondering how I created the above diagram, have a look at the measurement method [3].
[1] https://lists.torproject.org/pipermail/tor-relays/2015-January/006147.html [2] https://nymity.ch/dns-traffic-correlation/ [3] https://lists.torproject.org/pipermail/metrics-team/2016-February/000078.html
Cheers, Philipp