nextDNS is basically a DNS service that has an "integrated pi-hole" to the cloud.
They use their own proprietary software, so it is not actually a Pi-hole.
It also provides IPv6 coverage, DNS over TLS (DoT) and DNS over HTTPS (DoH) as standard. They are privacy-friendly and their terms & conditions state that they do not retain any user data.
Their UI (user interface) is straightforward with a dashboard accessible via any internet connection.
Lists of categories to block
It is possible to choose from lists of categories of areas which you want to block or allow and in the advanced set up mode you can identify individual URLs for ‘treatment’.
This is something really cool as you can select a big amount of blockers and have literally millions of websites, trackers and analytics blocked before it ever reaches your device.
You can also select services like WhatsApp, Instagram, Facebook and the like for blocking (if you so choose) and even have that featured time-barred i.e. only blocked for a specified period.
The rewrite feature allows users to redirect a domain to a differing domain or IP and their analytics can be set to provide graphs and lists of the blocked and most accessed domains.
These settings allow you to monitor logging, data retention periods, DNS Rebinding Protection and the DNS blocking modes.
The iOS version now also has a feature where you can select a nearby but private destination, in our case we have recently ‘moved’ to Hong Kong!
This sounds all really good, does it not? Well yes and no........so why we don't love it like we should?
First of all, when you dig deep you find the 3rd party cookies from Google including google analytics, googlapis and other ‘googly’ s**t’ in there.
Ok, we understand that's for stats, but if you offer privacy...that is not the kind of stuff you want to see!
Additionally, the service is registered and hosted in the USA and that a big No-No for us. But the final and biggest NO! is Cloudflare!
The service uses Cloudflare and if you don’t know about them, maybe read this article. (As a side experiment, try accessing their white paper via TOR......that is of course triggered by the cloud fair protection ;))
Overall, a good job, guys, and definitely a step in the right direction, but we can't give you the double thumbs up that you would deserve if your service actually delivered privacy in a cloud ;)
Endnote: For adblocking, we recommend a Pi-hole or Adguard Home setup which we will cover soon here in DECENTRALIZE.TODAY and back link to here.
If you have an iOS device, we will have something pretty cool covered for you tomorrow - DNSCloak