Don't fallback to Google DNS #8782

Closed
Kleshni opened this issue Apr 22, 2018 · 5 comments

4 participants
@Kleshni
commented Apr 22, 2018

Submission type

  • Request for enhancement (RFE)

systemd version the issue has been seen with

238.76

Used distribution

Archlinux.

Leaking private data to Google when the user doesn't even know about it, is the Windows way.

See these discussions:

https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1449001
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=761658v

Google NTP service should also be removed from the default configuration for the same privacy reasons, though it has much lower impact than directing all DNS queries to Google. Google DNS is completely unacceptable.

@refi64

Contributor

commented Apr 22, 2018

For the sake of discussion, I guess CloudFlare's would be considered more acceptable?

That being said, don't most ISPs use their own DNS servers that are just as bad privacy-wise? If someone really wants privacy, they'll have to configure it anyway.

@boucman

Contributor

commented Apr 22, 2018

This is about NTP, not DNS. Default DNS can already be easily replaced at compile time.

Do keep in mind that, unlike DNS, NTP would probably stay the default for most systems... which means redirecting a large amount of requests towards whoever becomes the default. So whoever is selected needs to have the capacity to support whatever traffic this change redirects...

@refi64

Contributor

commented Apr 22, 2018

Ah, whoops... I misread it when you had said "Google NTP service should also be removed".

@Kleshni

Author

commented Apr 22, 2018

> I guess CloudFlare's would be considered more acceptable?

The main concern is not in the choice of the default option, but in its existence. Having a fallback option means hiding the misconfiguration that has occurred from the user and giving him a false confidence of safety.

> their own DNS servers that are just as bad privacy-wise?

No, they are better, because local providers have much less power than a global corporation. This is very poor, but a kind of decentralization.

> If someone really wants privacy, they'll have to configure it anyway.

If I configure my very secure and trusted DNS on a router and then advertise it through DHCP, I'll face the same issue:

> The 8.8.8.8 fallback is not only used on misconfigured systems! It’s also used for a short period while initially connecting or reconnecting to totally healthy networks with DHCP. So the excuse that privacy-conscious users should just use DHCP holds no water.

> Default DNS can already be easily replaced at compile time.

I can try to disable numerous spying services in Windows 10 as well. But why do I need to do it?

There must be no such features in the default configuration, because a rare user would bother finding them all before running the system. And what if I just forget to disable systemd-resolved in another freshly installed system? And how can I be sure that more such features will not be added in the future, because the developers don't consider them something undesirable?

> redirecting a large amount of requests towards whoever becomes the default

One fixed default can be replaced by a random choice from a long list: https://support.ntp.org/bin/view/Servers/WebHome#Browsing_the_Lists.

@poettering

Member

commented Apr 23, 2018

Which servers are used (or any at all) as a fallback is a compile-time as well as a runtime option. If you don't like the upstream defaults, then please work with downstream to pick different options or make the choices locally in your configuration files.

We think it's very much in the interest of users to make things "just work", but we are fully aware that downstreams and users might want to make different choices there, hence it's configurable at every level. From upstream we just default to good, working defaults.

Hence, please talk to your distro, or just use FallbackDNS= in resolved.conf to adjust things to whatever you like. In either case it doesn't matter what upstream does there...

Thank you for understanding.

@poettering poettering closed this Apr 23, 2018
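The runtime override the last comment points at, written out as an added example (constructed for this page, not configuration shipped by systemd or any distribution): drop-in files that disable the fallback resolvers entirely and replace the fallback NTP list. The file names and the placeholder `DNS=` addresses are assumptions; `FallbackDNS=` is named in the thread, and `FallbackNTP=` is the matching key in timesyncd.conf.

```ini
# /etc/systemd/resolved.conf.d/10-no-fallback.conf   (constructed example)
#
# Upstream's compiled-in default is a non-empty FallbackDNS= list (the
# Google resolvers, e.g. 8.8.8.8). resolved falls back to it whenever no
# DNS server is known for any link, including the short window before
# DHCP has delivered the router's resolvers, as the thread points out.
# Assigning the empty string disables the fallback: with no resolver
# configured, lookups fail visibly instead of silently going to a third party.
[Resolve]
FallbackDNS=
# Optionally pin trusted resolvers globally (placeholder addresses):
#DNS=192.0.2.53 2001:db8::53

# /etc/systemd/timesyncd.conf.d/10-ntp.conf   (constructed example)
#
# Same idea for time sync: the Google NTP servers are only the compiled-in
# fallback, so an explicit NTP= list plus a non-Google FallbackNTP= list
# (here the ntp.org pool the thread links to) keeps them out of the picture.
[Time]
NTP=0.pool.ntp.org 1.pool.ntp.org
FallbackNTP=2.pool.ntp.org 3.pool.ntp.org
```

After `systemctl restart systemd-resolved systemd-timesyncd`, confirm the servers actually in use with `systemd-resolve --status` and `timedatectl` (on later systemd versions the resolver status command is `resolvectl status`).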
