VPN vs DNS - Which Keeps You The Safest?

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

all right vpn's versus DNS providers this is a question I've received quite a bit and I want to dive into it and detail the confusion between these two and why the question while valid may be a little misguided let's talk about DNS first so a DNS provider the common analogy is it's like a phone book for the internet now what this looks like is when you type in google.com you're actually not really going to google.com to prevent people having to type in a Google server manually they can just type in google.com which then a DNS provider will trans essentially into the IP address now we can go a lot more complicated with this there are other resources that I can leave down below for you to dig more into DNS by default if you're watching this and you haven't modified any system settings you're probably using the DNS provider for your internet service provider or if you customize something like you customize it to be Google DNS or cloudflare then you're using their DNS provider or if you're using something like a VPN we'll talk about that in a sec because then you're going to be doing something a little bit different now when it comes to security and privacy benefits of a DNS provider you are going to see some providers who to offer things like antiu protection and anti- fishing protection and the way this works is essentially they're going to have lists that are tied to certain domains that they've now flagged as malicious some of them even use things like AI to try to analyze a web traffic to understand if it could be something malicious also some allow you to filter web traffic manually where you can actually customize exactly what kind of requests can be made via your own dedicated configuration now aside from those Niche use cases actually by default DNS providers aren't really a privacy security Tool uh in itself when people ask for a private DNS provider they're not necessarily looking for one that has privacy features they're just looking for one that just does its job and nothing else so what that means is a DNS provider that's simply providing you the websites you need to access and processing your queries without harvesting your data and also just not selling your data or doing anything nefarious they're just giving you the service that you need in order to use the internet the way you want to use it the privacy and security features I listed which you can opt into with certain services that provide those features are kind of just the cherry on top and it's kind of a given that those privacy and security focused DNS providers are also doing that in the sense of they are respecting your queries and they're respecting your web traffic and are not doing anything bad with that now let's dive into vpns vpns traditionally in a corporate environment are simply just to connect to a different device so that you can access files remotely but the vpns that we're going to be talking about today are more with the emphasis on privacy and security which is essentially a PN is going to encrypt the traffic locally on your computer and then it's going to direct through your ISP but your ISP won't be able to see your traffic and instead your VPN will be able to in theory see your traffic the security benefits here is that your traffic is encrypted on your computer so in theory nothing on your Wi-Fi network knows what's going on within the tunnel the benefits of this are a little bit smaller nowadays with things like https but I still much prefer using a VPN on something like a public Wi-Fi network because I do think it still improves your security um and also on the privacy front the main privacy benefit for a lot of vpns is that they mask your IP address so that sites can't correlate you uh between themselves or different sessions just based on an IP address keep in mind there's many other ways they can correlate your traffic but at least it shuts down that IP option in my eyes the cool thing about a VPN is you know for a fact that companies like Verizon cellular companies isps are harvesting your data at least in the US and when you're you choosing a trusted VPN provider uh you can have with a lot of certainty that they're going to be treating web traffic better than any of those providers will so again it's a transfer of trust and worst case scenario even if the vpn's not telling the truth I think you're back where you started and I think that's actually one thing I want to touch on before I talk about uh VPN providers and the DNS that they use which is kind of where things get a little interesting I just wanted to summarize quickly that a VPN provider is generally for us in the digital rights Community exclusively used as a privacy and security tool by default you're not going to have a VPN running on your computers or on your phone or anything like that you're just going to be using the the web as normal and installing a VPN is actually an additional complexity that you're adding to your workflow for the purposes of being a privacy and security tool whereas a DNS provider all of you watching this video are likely connected to a DNS provider and pretty much a DNS provider is kind of like a search engine which is almost everyone's using one and you can essentially opt to use more privacy and security friendly services and some of those services will add a few features and benefits on top of just naturally respecting your privacy a little bit better now where things get interesting is when you're using a VPN what DNS provider are you using and most VPN providers actually have their own DNS and so for example if you're using mulad VPN or ivpn or protonvpn or windscribe all of them are going to be using their own DNS and the reason for that is that way you're only trusting one provider that way you can just trust molad to handle both your DNS queries as well as your web traffic and it's all kept in one location something you're going to see some debate on for sure is whether or not you should change the DNS of your VPN because again by default it's probably using its own DNS that's from the VPN company I think almost always if I just have to give general advice to everybody yes the safe thing to do is to just maintain the same DNS provider um that way you're not messing with anything there's no risk there generally if you're trusting your VPN provider you're also able to trust them with your DNS queries now where things get interesting and for those of you who are subscribed to the channel and keeping up with a bit of my journey is I actually do change my DNS provider and I use something called Next DNS uh and I experimented with this on protonvpn ivpn mulad and um that configuration and that whole Saga has been unfolding but currently I'm using mulad um via tail scale which is kind of a different thing not super relevant to this video but essentially I'm using mulad with NEX DNS and the reason for that is NEX DNS has these incredible features um it essentially allows me to filter out tons of different web traffic I just don't want to deal with and it gives me a ton of privacy and Security benefits uh along the way and Noah this isn't sponsored by nextdns and you can even use other services like control D and there's a few others out there that allow you to essentially like filter out different types of web traffic and I just find this to be a super powerful tool mulvad actually has a couple of these features already built into its DNS that you can utilize but I found next DNS to be a lot more powerful and a lot more foolproof and a lot more customized to what I like so for me I actually felt that the trade-off was worth it to be able to utilize next DNS within mulvad because I'm getting in my eyes a lot more privacy and Security benefits than the cons which you might be wondering what is the con there well first you are introducing a second party to your queries so um instead of just trusting mulvad you're now trusting mulad and next DNS which does introduce another party but if you trust both parties and neither of them are doing anything wrong then you should be fine I think the more recent thing I'm hearing from people is that if you change your DNS provider within a VPN it's going to make you more more fingerprintable um and essentially what this means is um let's say website a uh can see that there's 100 users connecting from the same mulvad server essentially other people connected to the VPN server will have the same DNS provider except you which makes you stand out a little bit and my response to that is vpns aren't really a fingerprinting tool in the first place and there's other ways to fingerprint users and it really comes at a trade-off if if you're trying to go for anti-fingerprinting you should probably be using tour browser in the first place um and for me the privacy and Security benefits of something like nextdns are going to greatly outweigh this possible risk of fingerprinting via DNS in a VPN tunnel but it is something to keep in mind but again if fingerprinting resistance is really what you're going for you should probably be using tour browser which is the kind of gold standard we have right now or something like Tails or honix something that's designed from the ground up to actually blend you in with other users also Henry Pro tip this doesn't have to be as black and white as it seems so I actually use mulad with next s by default but in a fingerprint resistance browser like the mulvad browser it actually overrides next DNS because it has its own DNS provider set within the browser settings so you can still have a browser that has fingerprint resistance while you use something else like a custom DNS provider and another bonus to this too is sometimes it's hard to troubleshoot why a website won't load and you can test if it's being blocked because of your custom DNS provider because if the website loads in the browser with a different DNS provider you can isolate that at your custom DNS just a pro tip what this means for you is find what works best for you um for some of you it might not make sense to use a VPN and that's okay for some of you it might make a lot of sense to use a VPN and that's okay for some of you it might make sense to use a custom DNS provider with your VPN for some of you it might not now some actionable things for everybody listening I do suggest in general almost everybody should probably change their default DNS provider if it's not a vpn's to a better more privacy respecting one in other words don't use your isp's DNS provider and move to something more privacy respecting we have recommendations on our website that I'll leave down below and those recommendations link to more recommendations from other people who have their own opinions as well the next call to action is you should probably decide if you want to use a VPN or not and our website also details this we have VPN tools we have a chart and we also have a whole breakdown and different external resources that talk about when you do and don't want a VPN and why you may not even need one so if you want to look into better DNS providers to use and if you want to look into whether or not to use a VPN and which VPN to pick um our website has resources for both of those things and it's all free and it's all open source so have some fun with that links are down in the description and also if you have more followup questions I would suggest joining our Forum our Forum has a lot of people who ask questions like this and so if someone might have already asked your question you can just search and if they have't feel free to just uh ask the question on our Forum we have a lot of helpful people there and it can really help you out I wanted to quickly just shout out our patreon if you found value in this uh definitely join our patreon patreon.com teor and if you want to see some really good VPN providers I'm actually going to leave uh card right here or not a card the the end screen thing it's an end screen thing go watch that it's going to be really good and we'll see you next time on [Music] Tech

Info

Channel: Techlore

Views: 29,511

Rating: undefined out of 5

Keywords: vpn vs dns, vpn or dns, VPN, virtual private network, VPN custom DNS, custom DNS, DOH, VPN privacy, VPN security, VPN guide, DNS privacy, DNS security, DNS guide, VPN DNS, DNS VPN, Techlore VPN, techlore DNS, NextDNS, Mullvad VPN, NordVPN, ExpressVPN, IVPN, Windscribe, Proton VPN, custom DNS providers, Best VPN, best DNS, secure VPN, private VPN, should you use custom DNS, should I use custom DNS, Google DNS, cloudflare, mullvad DNS, privacy guide, security guide, techlore

Id: wlfnIXL63tw

Channel Id: undefined

Length: 10min 14sec (614 seconds)

Published: Sat Feb 24 2024