Jump to content

Using Cloudflare with PIA? Privacy/Security

tippytipper

Hi I recently switched to using Cloudflare for my DNS Resolver. I like the snappy response and the privacy from my ISP.

 

I understand Cloudflare is not a VPN, but what happens if I use PIA while Cloudflare is being used for my DNS?

 

Will Cloudflare see my address requests while PIA is active?

 

In the PIA program under Settings and Network, the DNS is always set to PIA DNS.
So will this override my Cloudflare setting in my OS's network options? I'm guessing it does?

 

And what if my router is set to use Cloudflare, how would PIA work, I'm guessing everything would still go through the PIA software?

I'm hoping someone may know?

p.s. I know I could user PIA all the time, but I find my overall internet is slower; I find Cloudflare is a handy layer for a bit more privacy without having to use PIA all the time.

Link to comment
Share on other sites

Link to post
Share on other sites

2 minutes ago, tippytipper said:

but what happens if I use PIA while Cloudflare is being used for my DNS?

dnsleaktest.com check to see if your DNS requests are coming from cloudflare or not. If you are using unencrypted DNS, technically they can sniff them out but this is the case with every other unencrypted dns.

 

If you arent using DNS-over-TLS or DNS-over-HTTPS this is not the case.

3 minutes ago, tippytipper said:

I find Cloudflare is a handy layer for a bit more privacy without having to use PIA all the time.

mY sYsTeM iS Not pErfoRmInG aS gOOd As I sAW oN yOuTuBe. WhA t IS a GoOd FaN CuRVe??!!? wHat aRe tEh GoOd OvERclok SeTTinGS FoR My CaRd??  HoW CaN I foRcE my GpU to uSe 1o0%? BuT WiLL i HaVE Bo0tllEnEcKs? RyZEN dOeS NoT peRfORm BetTer wItH HiGhER sPEED RaM!!dId i WiN teH SiLiCON LotTerrYyOu ShoUlD dEsHrOuD uR GPUmy SYstEm iS UNDerPerforMiNg iN WarzONEcan mY Pc Run WiNdOwS 11 ?woUld BaKInG MY GRaPHics card fIX it? MultimETeR TeSTiNG!! aMd'S GpU DrIvErS aRe as goOD aS NviDia's YOU SHoUlD oVERCloCk yOUR ramS To 5000C18

Link to comment
Share on other sites

Link to post
Share on other sites

Thanks @Levent 

 

I ran the dnstest with PIA switched off and the ISP listed as Cloudflare.

I then enabled PIA, refreshed the page and repeated the test, and the ISP was also listed as Cloudflare.

 

But then I remembered that I had also enabled DoH in Firefox.
So I disabled that, then I ran the dnstest again and the ISP was listed as Cogent Communications.

 

So as long as DoH is not enabled it looks like PIA handles DNS.

And I would guess this is the same with any other software that could override the DNS at a different level.

 

If I disable DoH in my browser it means I can just switch on PIA and know that my DNS queries run through PIA; otherwise they will use the DNS as configured in my OS.


But without DoH Encryption is using Cloudflare still an advantage? I'm guessing yes, but potentially those unencrypted requests could be intercepted by reading the raw data?

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, tippytipper said:

But without DoH Encryption is using Cloudflare still an advantage? I'm guessing yes, but potentially those unencrypted requests could be intercepted by reading the raw data?

Nope. Without DoH or DoT you are basically using any other DNS, be it google or adguard.

mY sYsTeM iS Not pErfoRmInG aS gOOd As I sAW oN yOuTuBe. WhA t IS a GoOd FaN CuRVe??!!? wHat aRe tEh GoOd OvERclok SeTTinGS FoR My CaRd??  HoW CaN I foRcE my GpU to uSe 1o0%? BuT WiLL i HaVE Bo0tllEnEcKs? RyZEN dOeS NoT peRfORm BetTer wItH HiGhER sPEED RaM!!dId i WiN teH SiLiCON LotTerrYyOu ShoUlD dEsHrOuD uR GPUmy SYstEm iS UNDerPerforMiNg iN WarzONEcan mY Pc Run WiNdOwS 11 ?woUld BaKInG MY GRaPHics card fIX it? MultimETeR TeSTiNG!! aMd'S GpU DrIvErS aRe as goOD aS NviDia's YOU SHoUlD oVERCloCk yOUR ramS To 5000C18

Link to comment
Share on other sites

Link to post
Share on other sites

7 minutes ago, Levent said:

Nope. Without DoH or DoT you are basically using any other DNS, be it google or adguard.

Thanks again @Levent 
Even though the data is not encrypted, I suppose the only difference is the data would go to Cloudflare and not my ISP?
And as Cloudflare delete the data after 24 hours there is at least some extra privacy layer?

 

Link to comment
Share on other sites

Link to post
Share on other sites

31 minutes ago, tippytipper said:

Thanks again @Levent 
Even though the data is not encrypted, I suppose the only difference is the data would go to Cloudflare and not my ISP?
And as Cloudflare delete the data after 24 hours there is at least some extra privacy layer?

 

Probably, however around my part of the woods ISPs are known to meddle with unencrypted DNS for government level blocks.

mY sYsTeM iS Not pErfoRmInG aS gOOd As I sAW oN yOuTuBe. WhA t IS a GoOd FaN CuRVe??!!? wHat aRe tEh GoOd OvERclok SeTTinGS FoR My CaRd??  HoW CaN I foRcE my GpU to uSe 1o0%? BuT WiLL i HaVE Bo0tllEnEcKs? RyZEN dOeS NoT peRfORm BetTer wItH HiGhER sPEED RaM!!dId i WiN teH SiLiCON LotTerrYyOu ShoUlD dEsHrOuD uR GPUmy SYstEm iS UNDerPerforMiNg iN WarzONEcan mY Pc Run WiNdOwS 11 ?woUld BaKInG MY GRaPHics card fIX it? MultimETeR TeSTiNG!! aMd'S GpU DrIvErS aRe as goOD aS NviDia's YOU SHoUlD oVERCloCk yOUR ramS To 5000C18

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, Levent said:

Probably, however around my part of the woods ISPs are known to meddle with unencrypted DNS for government level blocks.

Aha, thanks again, good to know.
 

I suppose if I left DoH on in Firefox and happened to enable PIA the worst is that the DNS data would still go through Cloudflare, but then be deleted within 24hrs.

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×