Amazing work. Simple, elegant and something new to learn that remain in memories forever because of your easy to understand explaination.

Hi! I´m from Brazil and I love technology. Great explanation. I´m newcomer here. You got a new subscribed. Congrats!

Great how you make us understand! In my simple words - instead of trusting technology, with ODNS, you have to trust organization. You have to trust that the proxy and the ODNS server's org do not talk to each other.

Savee we missed you for so long !

Notice: ISPs can still do reverse DNS lookups on IP addresses you connect to. This is *not* a replacement for Tor. Also I'm kinda suspicious about these proxy servers. If the organization who runs the DNS resolver also runs the proxy server, they can still figure out who you are and what websites you visit.

Great job thanks !

Well explained

Dns is always a balancing act. On the one hand, you want yo have control over your own devices through your router by, for example, blackholing some domain. But on the other hand you don't want third parties snooping on your request.

So if i ise this, my isp will not see the sites i visit? Or there is another ways that isp use to see my visit history?

Does VPN help to hide the user’s IP from the DNS resolver and therefore solve the problem of the user’s identity exposure?

Haha. At 1:40 those Bitcoin bag emojis imply ISPs are selling browser our history history for Bitcoin.

why don’t put chain proxy servers just like tor

Does this hide infos as SNI too?

😎🤟

what if the proxy and odns own by same company :D

So you are never safe.

Would Blockchain solve this problem?

to protect against the man in the middle by implementing DNSSec

What's the weird music, sounds like some ghost is screaming

Terrible idea. So now if I want to exfiltrate data via a DNS tunnel I can encrypt the whole thing from end-to-end. I set my bot to use my proxy service and my my termination server. I have just bypassed a number of security tools and once it is past the proxy, you cannot even discover the source of the breach. Adversaries are going to have a hey-day with this. There are reasons the EU providers are banning Apple private relay, this is one of them. Second, who ever controls the termination server controls all. In the case of Apple private relay (Apple+Cloudflare) while they cannot see the origin IP, they still can set policy on what is being browsed, giving preferred partners quicker responses. I am not saying Apple will do this, but at some point an unscrupulous eventually entity will. Third, what happens when Governmental entities. what access to DNS queries/responses for a terrorist investigation, will this even survive or will it be legislated out of existence..

Not green anymore ;)

you forgot something.... [your device] -> [ISP] -> [proxy server] -> [ISP] -> [ODNS] -> [ISP] -> [proxy server] -> [ISP] -> [your device] you notice something :) the ISP has access to all the data along the entire chain . so really it doesn't matter.

First comment

find a dns services that does not use any big tech services

NEVER TRUST BIG TECH