DNS correlation.. is it possible?

Freewheeling spot to chew the fat on anything cryptostorm-related that doesn't fit elsewhere (i.e. support, howto, &c.). Criticism & praise & brainstorming & requests for explanation... this is where it goes when it's hot & ready for action! :-)
Posts: 1
Joined: Sat Sep 09, 2017 2:42 am

DNS correlation.. is it possible?

Post by B555B6 » Sat Sep 09, 2017 2:03 pm

Hey everyone :) first wanted to thank all the CS team for amazing work! i've been running CS for more than 2 years without any problem :D

Now my question: my second router runs an openvpn client with one of the voodoo configs and uses one of the CS's deepdns with dnscrypt with the option no-resolv
Now would it be possible to correlate my web browsing by which dns (crypt) I'm using?

User avatar
Site Admin
Posts: 495
Joined: Thu Jan 01, 1970 5:00 am

Re: DNS correlation.. is it possible?

Post by df » Mon Sep 18, 2017 3:26 pm

If you're using DNSCrypt to connect to the DeepDNS servers, then your DNS is encrypted between you and us. So no, it wouldn't be possible to correlate the websites you've visited against your DNSCrypt traffic.
If you're just using our DeepDNS servers as plain DNS servers, then yes, it would be possible for your ISP to see what hosts you're resolving since that would be plain/unencrypted DNS.