- cross-posted to:
- buyfromeu@feddit.org
- cross-posted to:
- buyfromeu@feddit.org
What is DNS4EU? DNS4EU is an initiative by the European Commission that aims to offer an alternative to the public DNS resolvers currently dominating the market. Supported by the European Union Agency for Cybersecurity (ENISA), the European Union’s DNS4EU secure-infrastructure project provides a protective, privacy-compliant, and resilient DNS service to strengthen the EU’s digital sovereignty and enhance digital security for European Union citizens, governments, and institutions.
The program provides robust DNS security for public institutions and their employees, ministries, local governments or municipalities, healthcare, education, and other critical services such as telecommunications providers. By working with the latter, for example, it ensures DNS resolution service for all of a telco’s customers, with minimum manual overhead for their teams.
Additionally, the DNS4EU solutions aid organizations in complying with regulatory requirements (such as GDPR) to keep data within European borders.
As these organizations often face challenges to independently developing and maintaining high-level cybersecurity measures (such as election cycles or funding), the DNS4EU project solves these challenges by providing a Europe-based, centralized, scalable solution to ensure the highest standards of security and privacy, compliant with EU regulations.
You must log in or register to comment.
Do they resolve thepiratebay[dot]org?
I feel there are plenty of local activist/independent servers all over the EU. As long as you mind the encryption/anonymization, you can even round-robin them. Having a central EU authority is better than Google/Cloudflare and should be safe, if the implementation is sound. But there is a lot of room to meddle.
Wasn’t there something really similar with dns0.eu? Are these related in any way?
“dns0.eu is a French non‑profit organization founded in 2022 by Romain Cointepas and Olivier Poitrey — co-founders of NextDNS.”
whereas
“Supported by the European Union Agency for Cybersecurity (ENISA), the European Union’s DNS4EU secure-infrastructure project”
so AFAICT the 1st is by (EU) citizens with the technical expertise and selling a related product whereas the 2nd is by the public EU administration.
It’s possible, I think that DNS4EU seems a improved version.
I tried this for awhile, but I got occasionally 30 second delays before it starting replying to lookups. It did respond to icmp immediately though.
Interesting, I’d be curious to know if they have quality of service reports, benchmarks against existing alternatives.
It’s tempting but if performance, e.g. latency or reliability, sucks then despite the effort I wouldn’t use it.
Oh, from the same people who want you to install a mandatory app to access half of the internet? I’ll pass
FWIW “Unfiltered option is a valid option for users who are confident their devices and connection are secure, and are looking for fast, reliable, and anonymised resolution service.”
Hell yeah. Balkanize the internet more!
If you are not already aware of it you might be interested in SplinterCon.
That being said this service seems like option, an alternative to existing solutions, so in that sense I don’t believe they are splintering more.
Nah the whole point of the Russian federation copying China, five eyes nations getting butthurt about ech/doh and ultimately this European dns system that ensures name resolution is compliant with euro regulation is to preserve national interests in a multipolar world on the stage of the global internet.
You don’t gotta worry about icann or anybody else if you control the way the internet works for your citizens.
Maybe I’m missing something but the EU isn’t mandating ISPs to use this DNS.
Here it’s up to anybody, if they want to, to use this DNS instead of their ISPs, or NextDNS, or corporate Americans alternatives e.g. Google Public DNS or Cloudflare’s. I don’t think any average citizen, in EU or elsewhere, is directly hitting on ICANN’s servers.
For now.
The whole stated point of this action is to make sure there is a dns provider who is required to be compliant with eu law.
Then entities who have a requirement to be compliant with some recordkeeping or framework of eu law (surprise, it’s all of them!) must use it.
Oh look here, because you ended up using eurodns for gdpr compliance you’re also required to turn over all records upon a lawful inquiry!
It just so happens that dns requests meet the minimum requirements for further search and surveillance, how lucky for me! Who could have ever expected this?
It’s easy to dismiss what I’m saying because it’s not happening at this very moment, but give it a few years and we’ll see liberals bemoaning the suffering of freedom loving peoples languishing under the great Eurovision firewall.
The instant any such report were to be made public anybody who cares about privacy would switch to another DNS.
I’m not saying it’s not possible, or won’t happen, but rather the barrier to switch is so low I have a hard time anybody would accept that “compromise”.
Some minuscule portion of individual users may do so.
Organizations will implement eurodns as best practice for regulatory compliance. Providers will do so as well.
Almost every internet device uses whatever dhcp gives them as dns. When all the companies, government bodies and providers use eurodns to be compliant with the regulatory frameworks that allow them to continue operating in the eu that change will trickle down to users automatically.
It’s also worth remembering that surveillance is extremely normalized in the eu and eurozone compared to many other nations and areas. Of the vanishingly small percentage of users who are both aware of the concept of dns and choose to change it, a portion of them will accept and use eurodns.
Again, you may think I’m wrong but give it a few years.
I have Unbound along with my pihole. Does that do the same job?
Yeah, unbound is a recursive server. It might be a tad slower but it does the job reliably.
You still have an upstream DNS server that you rely on to provide updates to your unbound server. Problem is that corporate or extremist government controlled DNS servers can track all of your requests as well as censor any domains they don’t approve of. And if DNS servers or their users don’t use secure protocols, then those requests additionally are tracked by ISPs or any other systems the requests travel through as well as them having the ability to block individual requests they don’t want fulfilled like the Great Firewall does or most corporate internal systems sometimes do to prevent employees from accessing social media or other sites they deem not work related.
