[kwlug-disc] New Public DNS Servers
Paul Nijjar
paul_nijjar at yahoo.ca
Wed Apr 4 15:36:39 EDT 2018
On Wed, Apr 04, 2018 at 02:35:40PM -0400, Chris Irwin wrote:
>
> Mozilla negotiated a specific privacy policy with Cloudflare for its use:
>
> https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/
Welp, I hope nobody has internal DNS servers serving up internal
websites. Good luck in accessing those sites in Firefox without
jumping through a bunch of hoops.
I know I am supposed to be cheering this news but it makes me grumpy.
On the surface that privacy policy looks good but it is full of clever
little holes that I (as an amateur cynic) are deeply suspicious of:
- What is a "sample"? I know what Cloudflare wants me to think when
they use that term, but that is not what I think.
- Why do they simulataneously say that Cloudflare will only use the
data to "improve the performance of CloudFlare Resolver for Firefox"
when they just said they will use the data for their "internal
research and development process"?
- They do not claim they won't combine this data with other data from
Cloudflare or third parties. They claim they will not share data in
ways that can be used to identify individual users. Anybody who
makes such a claim is lying, as far as I am concerned. There are
some limited circumstances (and threat models) you can use to
prove that data is anonymized, but for the most part data can be
combined in interesting ways to de-anonymize users. It happens all
the time.
- Also: identifying individuals is not what most of us should be
worried about.
Feh. I am going back to my cave now.
--
http://pnijjar.freeshell.org
More information about the kwlug-disc
mailing list