Hi guys,
I was searching which protocol is better for privacy and so far DNScrypt is better (according to my research).
What’s your opinion?
You have a comparison with other protocols here
https://dnscrypt.info/faqFrom my research DNS crypt is the better option since DNS queries can be anonymized. In terms of privacy this is next level.
I’ve never heard of DNSCrypt. What supposedly makes it better? DoH works fine and is the best way to “hide” DNS traffic as far as I can tell.
check this https://dnscrypt.info/faq/
Yes, because UDP > TCP. They keep using excuses like that UDP is unreliable, because you can lost packets, I have never lost a single one.
They want people to use easily tracked TCP. UDP is a simple request, TCP has to establish the connection, QUIC by Google is even worse.
Unfortunately DNScrypt was never accepted as a standard, so it will eventually fade away and we will be forced to use DoH, I prefer DoT.
They want people to use easily tracked TCP. UDP is a simple request, TCP has to establish the connection, QUIC by Google is even worse.
None of this makes sense (except maybe that TCP is stateful). What “easily tracked” is supposed to mean here I have no idea. Any information you can get from TCP are included in UDP from a privacy standpoint. The concept of a request doesn’t exist in UDP. The actual request in the DNS sense is very similar for all protocols. QUIC is UDP from a network protocol point of view, but it adds features commonly found in clients that need secure connections over UDP.
I prefer DoT
Which uses TCP.
QUIC uses UDP?
It is supposed to replace TCP, but till then it sort of uses both. I use it only on Brave for Youtube/Google.
QUIC uses UDP for ports and connectionless transport, then adds the resiliency of TCP, the security of TLS 1.3, sprinkles in a dash of commands and version control from protocols like SMB, and then mixes in a set of new protocol concepts and efficiencies to create something entirely unique in the protocol world.
DoH is better than DoT imo because it is not distinguishable from HTTPS traffic by an outsider and thus harder to block/mess with.
Yes, DoH is good for privacy, but not for security.
Why you prefer TLS?
For security. It uses a separate port, so it can not be easily abused by malware/hijacked, you will simply allow a single IP, unlike with DoH, where you have allowed all the traffic.
for privacy DoH is better
Well you can still use DNScrypt servers
For now, but they are slowly being abandoned in favor of DoH and DoQ. DoT is deprecated even on Android 13 and replaced by DoH.
