Verisign, the Internet security and domain registration company, has become the newest organization to offer a free public DNS service, called Verisign Public DNS, which it says will ensure users’ privacy online.
The service, which was announced this fall, provides better security and more reliability than the default DNS services that most people get through their Internet Service Providers (ISPs), according to Verisign. “Verisign Public DNS is a free DNS service that offers improved DNS stability and security over other alternatives,” the company says.
At the same time, the company promises more privacy by vowing not to sell DNS users’ records or use DNS information to deliver ads to users’ computers. “Unlike many of the other DNS services out there,” the company says, “Verisign respects your privacy. We will not sell your public DNS data to third parties nor redirect your queries to serve you any ads.”
Is Verisign Public DNS the best option for people worried about online privacy and censorship? That’s a tough question to answer. On the one hand, Verisign DNS is almost certainly better than the average ISP’s DNS, since most ISPs make no promises related to protecting users’ information. Plus, as a company whose reputation is built on providing online security tools, Verisign has good motives for protecting DNS records. And since the company’s DNS servers are based in the United States (according to IP geolocation data), it’s unlikely that Verisign DNS would censor websites by refusing to provide their IP addresses.
On the other hand, Verisign is part of what you might call the corporate Internet establishment. It’s in the same class as companies like Google or Facebook, which like to talk about Internet privacy, but which have histories of cooperating with government censorship. A cynic might note that Verisign’s promise not to “sell your public DNS data” or use it to serve ads does not exclude the possibility of giving the information away for free to government authorities.
But, again, Verisign Public DNS is probably much better than the default alternative when it comes to online privacy. If you want to give it a try, the server IP addresses are 64.6.64.6 and 65.6.65.6. Full configuration instructions are available here.
For other private DNS options, check out this page.
They are making promises that they can’t keep. Just read their terms of service, which has a law enforcement clause, among others. If they are really for privacy, then they should turn off logging. That will at least prevent some of the most egregious privacy problems.