I know this is an outrageously bad idea, I don’t need convincing. I am just looking for some more information and discussion on what exactly the exposure and surveillance risk is.
I’m asking both for my own education (I am still very green to networking), and to better explain to people in my life if and why they should care.
-
Is it true that traffic can be tracked and logged by ISP through DNS lookups, as these routers are preconfigured to use their internal dns service?
-
If this is changed (like base.dns.mullvad.net), how much does this actually mitigate the risk here?
-
What about when a VPN (mullvad) is also being used at all times? Would it then be “overly paranoid” to fear this untrusted box all the traffic goes through?
I personally take a conservative approach to things like this and assume it’s an unacceptable risk, but I don’t really understand what the truth is.
Thank you in advance for your time and thoughts.
EDIT: I’m asking about US and US adjacent areas
The DNS risk is not mitigated by a VPN, just shifted.Your VPN has full ability to log your connection if they wish. You have to decide who you trust more. Bear in mind that depending on your location, your ISP may be more legally restricted from snooping on you than a VPN hosted in another country (I know nothing about the US laws, further research would be required).
Also, unless you are using one of the encrypted DNS variants, just changing your DNS provider does nothing, as the ISP or VPN can snoop the unencrypted traffic regardless of its destination.