On Thu, Jan 08, 2015 at 10:04:35AM -0500, Nick Mathewson wrote:
> Hi, all!
> While looking into a bug report, I noticed that an exit node was using one of Google's well-known public DNS servers for its own DNS server.
> No disrespect to the operators of Google's fine public DNS service, but my sense is that using it for a Tor exit node might not be the greatest idea for users' privacy, having one DNS provider that gets to see so many requests. It's probably a better idea to have your own local caching DNS server.
> Would anybody like to share a guide about how to set one of those up safely and migrate correctly?
I know people have already started to make specific suggestions and I don't intend to comment on those. But I wanted to say that in general there is another consideration: AS and other network level vulnerabilities. Obviously recursive resolution may send queries wherever, but using a local resolver should limit the network adversaries seeing exit DNS traffic. The flip side is that, against such an adversary, using a DNS server that supports encryption of queries and responses is probably more important than it being local. (At least until Tor starts choosing exits to minimize exposure to network adversaries on the destination link ;>)
-Paul
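An added example, not from the thread or from any of the posters, in POSIX shell: it audits a resolv.conf for resolvers that are not on loopback (the situation Nick describes) and emits a minimal Unbound configuration for a local caching resolver that listens on loopback only and refuses everything else, plus a second variant that forwards over DNS-over-TLS for the network-adversary case Paul raises. The sample resolv.conf, the file paths, the CA bundle location (a Debian convention) and the upstream address are constructed placeholders; the `qname-minimisation` and `forward-tls-upstream` options require Unbound releases newer than this 2015 thread.

```shell
#!/bin/sh
# Added example (not code from the thread): check where an exit's DNS
# queries go and print an Unbound config for a loopback-only caching
# resolver. Paths and addresses below are assumptions, not real hosts.

# Constructed stand-in for /etc/resolv.conf on an exit that points at a
# well-known public resolver.
SAMPLE_RESOLV_CONF='# generated by dhclient
search example.net
nameserver 8.8.8.8
nameserver 8.8.4.4
options timeout:2'

# Print every nameserver in resolv.conf-style text that is not loopback.
# Usage on a live box: external_resolvers "$(cat /etc/resolv.conf)"
external_resolvers() {
    printf '%s\n' "$1" | awk '
        $1 == "nameserver" && $2 !~ /^127\./ && $2 != "::1" { print $2 }'
}

# Succeed (exit 0) only if the text names loopback resolvers alone.
uses_only_local_resolver() {
    [ -z "$(external_resolvers "$1")" ]
}

# Unbound config for a resolver that recurses from the roots itself,
# answers only the local host, and does not advertise what it is.
unbound_local_conf() {
    cat <<'EOF'
server:
    interface: 127.0.0.1
    interface: ::1
    access-control: 127.0.0.0/8 allow
    access-control: ::1 allow
    access-control: 0.0.0.0/0 refuse
    access-control: ::0/0 refuse
    hide-identity: yes
    hide-version: yes
    qname-minimisation: yes
    prefetch: yes
    msg-cache-size: 64m
    rrset-cache-size: 128m
EOF
}

# Variant for the network-adversary case: keep the local cache, but send
# misses to an upstream over DNS-over-TLS instead of recursing in the clear.
# $1 is the upstream in Unbound's addr@port#authname form (placeholder).
unbound_dot_forward_conf() {
    upstream="$1"
    cat <<EOF
server:
    interface: 127.0.0.1
    access-control: 127.0.0.0/8 allow
    access-control: 0.0.0.0/0 refuse
    tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: ${upstream}
EOF
}

main() {
    if uses_only_local_resolver "$SAMPLE_RESOLV_CONF"; then
        echo "resolv.conf already points at a local resolver"
    else
        echo "resolv.conf sends exit DNS to:"
        external_resolvers "$SAMPLE_RESOLV_CONF"
        echo "suggested /etc/unbound/unbound.conf:"
        unbound_local_conf
    fi
}
main
```

After installing the generated config and restarting Unbound, point /etc/resolv.conf at `nameserver 127.0.0.1` only (and make sure the DHCP client or resolvconf will not rewrite it), then rerun the audit against the real file; it should report nothing external. The `access-control ... refuse` lines matter on an exit, which is reachable from the whole Internet and would otherwise become an open resolver.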