Discussion:
Is Chromium 107 bypassing DNS settings?
(too old to reply)
James H. Markowitz
2022-10-31 15:48:10 UTC
Permalink
I run my own DNS caching server, with a series of rules that
return the 127.0.0.1 IPv4 address (and ::1 IPv6) for a number of hosts
that I don't care about. Thus, when I try to connect to any facebook.com
site I just get redirected to 127.0.0.1 - where there is nothing running.

This worked as expected until recent versions of Chromium, where
it does not any more - such certainly is the case in the latest 107
version, but it may have been present already in 106. The thing is, it
seems to happen under Chromium and other browsers derived from the same
code alone - I tried under Opera and Firefox (where I made sure that DoH
is not enabled) and I get the behavior that I want: facebook.com is not
reachable. However, under Vivaldi and Chromium it is.

Is Chromium pulling a fast one on me? Anybody know how one can
make sure that Chromium is using my system-wide default DNS server,
rather than one of its choice under the wraps?
James H. Markowitz
2022-10-31 15:59:23 UTC
Permalink
Actually, a few minutes after I posted this question I noticed
the following setting in my Chromium:

In Settings -> Privacy and Security -> Security, in the Advanced
section there is an option labeled Use secure DNS. This option was
enabled and set to With your current service provider. After disabling
Use secure DNS things go back to normal.

The thing is, I do not remember having enabled this on Chromium
nor on Vivaldi - which makes me a bit nervous.
Marco Moock
2022-10-31 17:57:39 UTC
Permalink
Post by James H. Markowitz
In Settings -> Privacy and Security -> Security, in the
Advanced section there is an option labeled Use secure DNS. This
option was enabled and set to With your current service provider.
After disabling Use secure DNS things go back to normal.
That uses DNS over HTTPS with Google DNS and bypasses you system's DNS.
Post by James H. Markowitz
The thing is, I do not remember having enabled this on
Chromium nor on Vivaldi - which makes me a bit nervous.
Normal behavior, it is enabled by default.
James H. Markowitz
2022-10-31 20:25:23 UTC
Permalink
Post by Marco Moock
Post by James H. Markowitz
In Settings -> Privacy and Security -> Security, in the
Advanced section there is an option labeled Use secure DNS. This option
was enabled and set to With your current service provider.
After disabling Use secure DNS things go back to normal.
That uses DNS over HTTPS with Google DNS and bypasses you system's DNS.
Post by James H. Markowitz
The thing is, I do not remember having enabled this on
Chromium nor on Vivaldi - which makes me a bit nervous.
Normal behavior, it is enabled by default.
I see - Chromium is now telling me what is good for me, and I am
going to like it, right?
bad sector
2022-11-01 02:35:59 UTC
Permalink
Post by James H. Markowitz
Post by Marco Moock
Post by James H. Markowitz
In Settings -> Privacy and Security -> Security, in the
Advanced section there is an option labeled Use secure DNS. This
option was enabled and set to With your current service provider.
After disabling Use secure DNS things go back to normal.
That uses DNS over HTTPS with Google DNS and bypasses you system's DNS.
Post by James H. Markowitz
The thing is, I do not remember having enabled this on
Chromium nor on Vivaldi - which makes me a bit nervous.
Normal behavior, it is enabled by default.
I see - Chromium is now telling me what is good for me, and I am
going to like it, right?
bullseye

BTW in any issues involving security the very first
suspect must be the security provider :-)

Or as we say around here, 'when did you get off the boat'?

We're headed into a new world odor in which like it or
not we all stream continuous live colonoscopies up to
'the cloud'.
--
Oh Lord of the Keyrings on high, have I got bad news for you: the word
trust is nowhere to be found in my security dictionary.
Marco Moock
2022-11-01 06:09:45 UTC
Permalink
Post by James H. Markowitz
I see - Chromium is now telling me what is good for me, and I
am going to like it, right?
That is why I use Pale Moon instead of Chrome/Firefox.
m***@privacy.net
2022-11-01 12:19:36 UTC
Permalink
Post by James H. Markowitz
Post by Marco Moock
Post by James H. Markowitz
In Settings -> Privacy and Security -> Security, in the
Advanced section there is an option labeled Use secure DNS. This option
was enabled and set to With your current service provider.
After disabling Use secure DNS things go back to normal.
That uses DNS over HTTPS with Google DNS and bypasses you system's DNS.
Post by James H. Markowitz
The thing is, I do not remember having enabled this on
Chromium nor on Vivaldi - which makes me a bit nervous.
Normal behavior, it is enabled by default.
I see - Chromium is now telling me what is good for me, and I am
going to like it, right?
I do like it. Why? You can circumvent censorship. I set "DNS over
HTTPS" in Firefox myself, because that way I can access webpages
banned by the EU.
Marco Moock
2022-11-01 15:17:22 UTC
Permalink
Post by m***@privacy.net
Post by James H. Markowitz
Post by Marco Moock
Post by James H. Markowitz
In Settings -> Privacy and Security -> Security, in the
Advanced section there is an option labeled Use secure DNS. This
option was enabled and set to With your current service provider.
After disabling Use secure DNS things go back to normal.
That uses DNS over HTTPS with Google DNS and bypasses you system's DNS.
Post by James H. Markowitz
The thing is, I do not remember having enabled this on
Chromium nor on Vivaldi - which makes me a bit nervous.
Normal behavior, it is enabled by default.
I see - Chromium is now telling me what is good for me, and
I am going to like it, right?
I do like it. Why? You can circumvent censorship. I set "DNS over
HTTPS" in Firefox myself, because that way I can access webpages
banned by the EU.
You can also do that by setting another DNS resolver in your system.
You can change your DHCOv4/DHCPv6/Router to tell every device to use
that specific DNS.
James H. Markowitz
2022-11-01 16:53:53 UTC
Permalink
Post by Marco Moock
Post by m***@privacy.net
Post by James H. Markowitz
Post by Marco Moock
Post by James H. Markowitz
In Settings -> Privacy and Security -> Security, in the
Advanced section there is an option labeled Use secure DNS. This
option was enabled and set to With your current service provider.
After disabling Use secure DNS things go back to normal.
That uses DNS over HTTPS with Google DNS and bypasses you system's DNS.
Post by James H. Markowitz
The thing is, I do not remember having enabled this on
Chromium nor on Vivaldi - which makes me a bit nervous.
Normal behavior, it is enabled by default.
I see - Chromium is now telling me what is good for me, and
I am going to like it, right?
I do like it. Why? You can circumvent censorship. I set "DNS over
HTTPS" in Firefox myself, because that way I can access webpages banned
by the EU.
You can also do that by setting another DNS resolver in your system.
You can change your DHCOv4/DHCPv6/Router to tell every device to use
that specific DNS.
Which is exactly what I do and also why this change in the
default behavior in Chromium is so irritating.

Loading...