this post was submitted on 26 Sep 2023
42 points (95.7% liked)
Sysadmin
7640 readers
1 users here now
A community dedicated to the profession of IT Systems Administration
No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
This is the correct answer if you trust that your ISP isn't snooping on your traffic. Your DNS server will send unencrypted queries to the root name servers and the nameservers of the domains you search for. This traffic is easy to detect and parse, so you do need to trust your ISP, or the provider of wherever you host your DNS server.
If you don't trust your ISP to that level you'll need to trust whichever server you connect to. It's a trade off to decide which is best for your use case.