don't do this if you are on a VPN, it causes DNS leaking
(Google DNS? more tracking :shudder:)
How to change your Android phone's DNS to Google, Cloudflare or Other DNS Provider
You should know the risks when you use your phone to browse the internet on a public network. Turning on Private DNS ensures your queries are encrypted and protected from malicious actors. This guide shows you how to change your phone’s DNS to Google or Cloudflare (or other) for a faster and more secure browsing experience.
Besides the speed and performance, these DNS services offer additional security, like DNS-over-HTTPS and DNSSEC. And they don't keep a log of user activity, which could pose a security risk. And since your browsing activity is encrypted, your ISP or a hacker cannot determine the websites you visit.
Although the linked article mentions Google and Cloudflare, there is also an option to set a private DNS hostname as well, such as Quad9. You just need to type the actual DNS address in to use it.
The iPhone can do the same thing (but Wi-Fi only as far as I recall), so it is worth exploring these settings under Wi-Fi settings.
See https://www.androidpolice.com/how-to-change-your-phones-dns-to-google-or-cloudflare/
#technology #privacy
Discussion
Or the "other" DNS available. But if it is encrypted DNS through a 3rd party (like a VPN is) I'm wondering if is actual DNS leaking?
yes it is 100% and that setting is one of the main troubleshooting issues that proton will copy paste into support tickets and lists on their website.
think of it this way. if you query your VPN provider for DNS there's nothingeqving the VPN that can be snooped. if you set it 3rd party... lots can happen
Trust the VPN provider vs trust the 3rd party encrypted DNS provider? That DNS traffic can't be read, even by the VPN provider, and ideally it should be going out via the DNS tunnel. It could then be better to logically separate these two providers?
nope
I tried what you are suggesting. it leaks. and yes I do trust Proton's VPN and their DNS. I get why you think it's better, and so did I when I first started with privacy and security but it's not a good idea.
Why would you trust Google DNS (or CloudFlare) anyway? Google's business is selling user data, I highly highly doubt they are not tracking DNS and selling it. They just want your DNS queries rather than your ISP having it.
do you want me to show you DNS leak tests both ways?
It's privacy washing basically