Skip to main content

Cloudflare's new consumer DNS service promises a faster, more secure internet

You'd be forgiven if DNS news wasn't on your radar for April Fool's day, but that's just what Cloudflare served up this weekend. In what is very much not a joke, the company announced a new consumer DNS service called 1.1.1.1, with a focus on speed and privacy.

The problem that Cloudflare is trying to solve is what it sees as a system that is often slow and insecure. From Cloudflare:

Nearly everything on the Internet starts with a DNS request. DNS is the Internet's directory. Click on a link, open an app, send an email and the first thing your device does is ask the directory: Where can I find this?Unfortunately, by default, DNS is usually slow and insecure. Your ISP, and anyone else listening in on the Internet, can see every site you visit and every app you use — even if their content is encrypted. Creepily, some DNS providers sell data about your Internet activity or use it target you with ads.

The company's alternative, 1.1.1.1, places a large emphasis on privacy, with a promise to wipe all logs within 24 hours and to never log your IP address. Cloudflare says that it has also hired a firm to audit its code and practices annually and produce a public report to ensure that it is keeping its privacy promises.

Cloudflare's service also offers support for DNS-over-TLS and DNS-over-HTTPS. Both protocols ensure greater security of web traffic, and Cloudflare is hoping that its support for DNS-over-HTTPS, in particular, will result in greater support for the protocol. "We're hoping that with an independent DNS-over-HTTPS service now available, we'll see more experiments from browsers, operating systems, routers, and apps to support the protocol," the company says. Cloudflare is also positioning the DNS service as a way for citizens to work around internet censorship during government crackdowns.

What's more, Cloudflare is promising that 1.1.1.1 currently ranks as the fastest DNS resolver, averaging around 14ms globally.

Cloudflare DNS chart

If you're interested in trying out Cloudflare's DNS service for yourself, you can visit the 1.1.1.1 website to learn how to get started.

Dan Thorp-Lancaster is the Editor in Chief for Windows Central. He began working with Windows Central as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl. Got a hot tip? Send it to daniel.thorp-lancaster@futurenet.com.

9 Comments
  • Thanks for the heads-up 😉
    I'm trying it now and it's really fast 😃 Note:
    Set your primary DNS to 1.1.1.1 and the secondary one to 1.0.0.1
  • " GV, Google Capital: Alphabet's investment arms. GV (formerly Google Ventures) invests in startups as well as later-stage companies, whereas Google Capital exclusively pours its money into slightly more established firms that are technologically oriented. For example, GV has invested in Medium, Slack and Uber. Google Capital has invested in Cloudflare, Glassdoor and Duolingo." https://www.washingtonpost.com/news/the-switch/wp/2016/02/24/how-to-tell...
  • What's the truth here? Their pitch seems like a classic bate and switch. They mention other services tracking the hostnames you're resolving (browsing to), but then they say they are different because they are not tracking your IP address. That's not any more private. IP addresses change frequently as you move from network to network, so they must be tracking you another way. When a product is free, then you and your data is the product.
  • Nah bro just trust them, it totally wouldn't have cost them anything to get access to 1.1.1.1 or 1.0.0.1 and they are providing the world a convenient service for free. Plus they promised they'll sell all they know about you within 24 hours of you providing it to them. And they totally won't hijack your dns resolutions.
  • Cloudflare has other businesses that make it a lot of money. Just like Google, who also provides a DNS service.
  • Actually not in this case. Cloudflare got these fancy IP addresses and is running a free, private and secure DNS service to do research. So you see, they are making (indirect) money with it (strengthening their core business) without having to sell you as the product. I suggest you check out the official pages and cloudflare's blog posts explaining it.
  • Oh boy! After testing with libre app DNS66, this dns crashed the app, still not stable unlike OpenDNS. Ugh!
  • Funny, pairing with apnic, their IP ranges have been the source of most hacking attempts I've seen recently. Anyone doing country blocking is likely to be blocking that range.
  • That's why they got those IPs ;). They have a deal with apnic to do joint research on the junk traffic (not the DNS requests). They can use that to pressure ISPs or transit providers to clean up their junk and just in general to make sure their main product (web application security) is better than everyone elses.