I have been looking through the DNS and ad blocking options as I currently have a AdGuard lifetime licence. I can see that AdGuard home is recommended, but the web based DNS option they have is not suggested (yet).
Nextdns is suggested instead. What is the difference between the 2? Is nextdns a better option? If I already have an AdGuard account, that offers cloud DNS, then why sign up for an alternative, additional service that does the same thing?
I have also noticed how a lot of services are jumping on the VPN and now temp mail ban waggon, AdGuard included, so is it worth adding AdGuard VPN to the list of options or are there parts they need to improve on before being added? Their app is very good for blocking ads where dns seams to fail from experience, such as in mobile games and such. I am giving rethink app a go, which seams to do quite well.
I have noticed how a lot of services seam to overlap in products and features, such as AdGuard doing temp mail but so does simple login and DuckDuckGo mail. So how does one choose between which is the best option? It may be more convent and more sortable to have a 1 service that covers your needs. But one is putting all their trust in that one service. On the flip side, having multiple accounts may increase a larger attack service (i.e. email being prawned). But the advantage is less reliance on 1 whole service and also follows the Unix philosophy of do 1 thing and do that one thing well.
I know @ameshkov from AdGuard has talked before here. But what are other peoples thoughts should I ditch AdGuard and delete my account and stick with nextdns and rethink on mobile, then use say Mullvad or Mozilla VPN? Or stick with whatever option. AdGuard on mobile, nextdns and then say Mullvad and keep Mozilla relay (which has not been added yet).
Yes, you donât have to. DNS resolution is commodity. Stick with what works.
That privacy companies in the space are doing more things means theyâre growing. A usual thing for software shops.
Youâre right about the pros and cons. Personally, I donât like mingling multiple services under a single user; but then the problem I face is having my personal data dispersed across multiple providers, all of who I now have to trust.
As a rule of thumb I like: if it ainât broke, donât fix/change it; that is, if the service providers havenât broken your workflow (pulling their apps from alternative app stores or locking-down their product etc) / your trust (not taking security seriously or non-existent customer support or banning your account without cause etc) / your other software, always prudent to stick with them.
See above (:
Though, if youâre actively looking for a change, then moving to equally capable/private/secure services/tools is not going to bother you much.
I canât recommend Adguard DNS. Routing is very bad and it always leaks DNS. You can see my previous posts about it. NextDNS is the better option but it is in maintenance mode and donât expect any new features. Control D is better than NextDNS but it lacks POPs compared to NextDNS. Featurewise CD has the most, and support team is very responsive.
For VPN, I find Proton and Windscribe fastest ones, Mullvad is mediocre and IVPN is the worst. I never used Adguard VPN as paid option, so canât comment on it. If you need IPv6, Mullvad and IVPN are the only choices. Proton released IPv6 on Linux client but not on Windows, Mac and mobile clients. Proton also lacks DoH/DoT support. Windscribe doesnât support IPv6 and they keep quiet about it when asked. Their clients support DoH/DoT unlike Proton.
FYI, if your VPN provides its own DNS server and you donât use separate 3rd party DNS, then DoH/DoT donât matter, since all traffic is routed through the VPN anyway.
Both Proton and Mullvad recommend not using DoH/DoT when using their VPNs for this reason.
If they could block ads and trackers and had capabilities of a managed DNS services, I wouldnât have to use 3rd party DNS services but they are very bad at that.
Only good thing is, there are no latency issues with VPNâs own DNS server and they provide privacy compared to using another DNS provider