- Edited
I've read the information provided on the GOS website regarding DNS Servers.
My threat model is low and I am more concerned with privacy protection. I want to avoid my default network provider (and DNS services) collecting my DNS query data and retaining / selling it. For me at least, I believe routing all my traffic through a trusted VPN or TOR is overkill.
Having read the guidance on the GOS website (https://grapheneos.org/faq#default-dns) do I understand this correctly?
- Using the network-provided DNS servers is the best way to blend in with other users and avoid fingerprinting (note this does not seem to prevent the DNS provider from selling or retaining my data)
- If I want to use a private DNS, then using a popular one with a good privacy policy (e.g. Cloudfare, Quad9, Netguard) would be a good trade off to avoid some/most fingerprinting and avoid the retention and sale of my DNS query data?
Any guidance would be appreciated. Thanks!