On 01/24/2014 09:46 PM, valdis.kletni...@vt.edu wrote: > On Fri, 24 Jan 2014 21:22:58 +0100, Stefan Neufeind said: > >> just "no Youtube". Hmm - why would people use those resolvers, besides >> being lazy in configuring a proper resolver-address. > > A lot of people make value judgements on the relative likelyhood of finding > evil in DNS packets coming from 8.8.8.8 versus DNS packets coming from the > IP address handed to you in the DHCP reply....
If it's just "some" DNS your provider hands out, I agree it's not much better as well. (But you might possibly assume your provider has less interst to spy on all your emails, your dns-queries and the like.) What imho you'll want is a reliable resolver which is as close to you as possible (and have it do DNSSEC-validation etc.). Regards, Stefan