Change default DNS/NTP provider in systemd/Manjaro for privacy

I am following up on this request from matrix room
https://matrix.to/#/!PvQGNjiCNulFZsMPud:matrix.org/$15919619021282SxTMf:converser.eu?via=matrix.org&via=t2bot.io&via=privacytools.io

"https://github.com/systemd/systemd/issues/12499 The devs of systemd, use Google and cloudflare for fallback/default NTP and DNS, when asked to use privacy respecting alternatives, they call people conspiracy theorists. Did manjaro changed these defaults ? If not, can you please?"

According to @strit reply in matrix room: "It seems Manjaro does define nameserver, but they are the Google and Cloudflare ones: https://gitlab.manjaro.org/packages/core/systemd/-/blob/master/PKGBUILD#L97 "

I request to use privacy respecting alternative as well.

I propose using Snopita, but Adguard might be more suitable.


Adguard claims not to do any logging. Someone more experienced could know about better alternatives. More suitable provider should be well considered.

1 Like

DNS is always resolved by the local network - e.g. a local DNS like the router - using DNS provided by your ISP.

There is no reason to change how your local DNS is handled.

AND the link to Manjaro gitlab - Manjaro is using privacy respecting DNS

    # We use these public name services, ordered by their
    # privacy policy (hopefully):
    #  * Cloudflare (https://1.1.1.1/)
    #  * Quad9 without filtering (https://www.quad9.net/)
    #  * Google (https://developers.google.com/speed/public-dns/)
    1.1.1.1
    9.9.9.10
    8.8.8.8
    2606:4700:4700::1111
    2620:fe::10
    2001:4860:4860::8888
2 Likes

Reputation of all three providers and evidence suggests contrary to privacy respecting.

I Know, I use VPN or TOR always but not everyone does.
If it doesn't matter, then Snopyta or similar FLOSS friendly projects should be prefered in favor of big corporations anyway. Only privacy respecting way is no logging. All three do log and are known for data mining or analytics.

No matter what - these fallback are never used - so what is the problem?

If is a nonsense request - DNS is provided locally by your ISP and NTP requires an enabled NTP client - just search the forum for topic's where users complain on clock not correct and the countless CNS issues.

So there is not need to change the defaults - they are never used.

EDIT:
If you are so concerned you can easily change your settings to https://blog.uncensoreddns.org/

1 Like

THX for you explanation. But if they are never used they can be deleted then from systemd.

1 Like

No they can't be deleted, resolved requires a DNS fallback. Of course they can be deleted form the PKBUILD, but then the systemd-resolved defaults are going to be used.

The DNS fallback can also be overridden by a config.

3 Likes

This discussion is about the systemd-resolve settings. As far as I can tell that link is to a generic discussion of DNS settings, not systemd-resolved's, but I can't tell for sure since this link is to the home page, on which there are a lot of topics, one of which is "Guide explaining how to use the DNS servers" in Danish. So, I don't this was very helpful.

It is a free public DNS service (started 2009) with servers in multiple countries.

This topic is a waste of time - it is a bike-shed discussion because all DNS requests on a system is handled by the local network - as I mentioned earlier.

There is no reason to change the PKGBUILD just because you have read about the defaults.

The defaults are never used - so continuing this discussion is a complete waste of time.

3 Likes

Forum kindly sponsored by