News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • Encrypted DNS (DoH) now on Win 10 – but better than dnscrypt-proxy?

    Home Forums AskWoody support Windows Windows 10 Windows 10 version 2004 – May 2020 Update Encrypted DNS (DoH) now on Win 10 – but better than dnscrypt-proxy?

    Tagged: ,

    • This topic has 1 reply, 2 voices, and was last updated 1 month ago.
    Viewing 1 reply thread
    • Author
      Posts
      • #2348370
        glnz
        AskWoody Plus

        Per this article from a very good IT tech website –
        Enabling DNS over HTTPS (DoH) on Windows 10 | Windows OS Hub
        Win 10 (version 2004 and up) now has encrypted DNS lookups via DNS over HTTPS, also known as “DoH”. The article describes a registry hack and a Network property setting to get it running.

        But is it better than other techniques out there? For three years I have been doing encrypted DNS lookups via DoH on my dual-boot Win 7 + 10 PC by running the service dnscrypt-proxy, which I set up on my PC using the app Simple DNSCrypt. I did the same on my iPhone by using the apps DNSCloak or Cloudflare’s “WARP”.

        DoH, Simple DNSCrypt, DNSCloak and the service dnscrypt-proxy are described on this great article at arstechnica:
        How to keep your ISP’s nose out of your browser history with encrypted DNS | Ars Technica

        I think (not sure) that the advantage of the service dnscrypt-proxy over the new Win 10 native DoH is that dnscrypt-proxy stores a cache of DNS lookups on my PC at 127.0.0.1, making those connections even faster. dnscrypt-proxy doesn’t go to a DNS server like 1.1.1.1 (even if the connection is now encrypted and checked) unless it needs to. I don’t think Win 10’s version of DoH does that.

        What do you think?

      • #2348428
        Paul T
        AskWoody MVP

        A native solution is usually preferable to a 3rd party one (backup being the obvious exception) but if speed of lookup is your issue, stick to DNScrypt.

        Personally I don’t care much about lookup speed because the replies are cached locally, so it’s only the first lookup that’s (maybe) slow.

        cheers, Paul

    Viewing 1 reply thread

    Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

    Reply To: Encrypted DNS (DoH) now on Win 10 – but better than dnscrypt-proxy?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.