7
Network/Connectivity secondary dns forced to 8.8.8.8

  1. koma85
    Donut Feb 13, 2019

    koma85 , Feb 13, 2019 :
    Hi,
    I've noticed that if the dhcp does not provide a secondary DNS is automatically pushed the 8.8.8.8 by google.

    This is unacceptable.
    First if in a network you need to resolve internal addresses it won't work
    Secondary in many network the 53 is closed in outbound so your phone will be slower.

    Third (but not last) really?!?
    Do not touch network settings pushed by an admin. It could became a REALLY a security problem.
    In many corporation I work for (I'm a consultant so i need to change network/workplace often) manually changing the network settings is a security threat and it can be persecuted.

    Do us a favor and spare a security/legal affair and fix this thing ASAP.
     

    #1
    Sandahl84, kfahoo, mind_never and 4 others like this.
  2. F0RCE
    Cupcake Mar 9, 2019

    F0RCE , Mar 9, 2019 :
    Please fix this! I have just installed pihole and the only device, which is not working 100% correctly, is my 6T and after some research it looks like a 2nd DNS is forced to 8.8.8.8
     

    #2
    Daniel_2 likes this.
  3. DenyDarko
    Honeycomb Mar 9, 2019

    DenyDarko , Mar 9, 2019 :
    Omg. Jesus christ you're right.

    What the actual fu** is this total violation of user privacy?

    I don't know where you live but this is not legal under EU rules.
    1552126257942.jpg

    Seriously now?

    It needs root and afwall app but it'll do the job just fine if you put the following under afwall's custom scripts:

    $IPTABLES -A OUTPUT -d 8.8.8.8 -j DROP
    $IPTABLES -A OUTPUT -d 8.8.4.4 -j DROP
     
    Last edited: Mar 9, 2019

    #3
    onepang and Daniel_2 like this.
  4. SirJMD
    Eclair Mar 9, 2019


    #4
    onepang and Daniel_2 like this.
  5. Q1553000027140
    Cupcake Mar 19, 2019

    Q1553000027140 , Mar 19, 2019 :
    Same here. You ruined all my network configuration.

    Moreover, this is a privacy violation disclosing every hostname to resolve to Google.

    Please revert immediately.
     

    #5
    onepang, niabot and Daniel_2 like this.
  6. Daniel_2
    Cupcake Mar 28, 2019

    Daniel_2 , Mar 28, 2019 :
    Hey OxygenOS Team, are you reading Threads in your Community. I hope so!:)
    I also don't think its acceptable to have set the DNS Server/Resolver by the Operating System:mad:, maybe you could put it in if the DHCP Server does not distribute a DNS Server but not if he does! The best option/solution for me would be a option in the Phone Settings to automatically add this or other CUSTOM DNS Servers.
    I hope this DNS 8.8.8.8 Setting is not forced by Android itself.

    Thanks to all reading this and especially thanks to the staff member who would answer to this post or some other post in this thread.;)


    Sorry for my English, if it is bad.:cool:

    Update:
    After some more research in the Internet I found that it's probably not OxygenOS directly instead Android 9 (Pie). But I would anyway like a option in Phone Settings to toggle / set "auto DNS". That would be a VERY useful feature.
     
    Last edited: Mar 28, 2019

    #6
  7. mind_never
    Froyo Apr 5, 2019

    mind_never , Apr 5, 2019 :
    What the heck!? I was going bonkers wondering where the 8.8.8.8 as secondary DNS entry stems from, since the OP device is the only one in the WLAN exhibiting such.

    Now I am reading here that it has been forced baked into the latest Pie releases.
    This is completely unacceptable and inexcusable and a gross negligence/violence of the user's privacy.

    What is the private DNS mode worth, being switched off, then?
     

    #7
    onepang and Daniel_2 like this.
  8. DenyDarko
    Honeycomb Apr 5, 2019

    DenyDarko , Apr 5, 2019 :


    mind_never

    What the heck!? I was going bonkers wondering where the 8.8.8.8 as secondary DNS entry stems from, since the OP device is the only one in the WLAN exhibiting such.

    Now I am reading here that it has been forced baked into the latest Pie releases.
    This is completely unacceptable and inexcusable and a gross negligence/violence of the user's privacy.

    What is the private DNS mode worth, being switched off, then?​


    Private dns overrides this and any other DNS coming from dhcp.
     

    #8
  9. mind_never
    Froyo Apr 5, 2019

    mind_never , Apr 5, 2019 :
    After reading a bit it seems that big G is actually force feeding that secondary DNS setting by having it hard coded/baked into the OS and there 4 ways to escape this perhaps:

    • instruct the network router to serve secondary and tertiary DNS server entries to its clients
    • block access to 8.8.8.8 via firewall
    • set private DNS to the one of one's liking
    • root the phone and manipulate the DNS settings
    This is really BS, on one hand implementing private DNS for supposedly enhanced privacy whilst violating privacy in the first place with the forced secondary DNS.

    Perhaps time to leave the Android domain.
     

    #9
    Daniel_2 likes this.
  10. Gav_W86
    Starting Point Expert Apr 5, 2019

    Gav_W86 , Apr 5, 2019 :
    Likely not being picked up by staff in the general boards. Best way to get it to attention of staff as an issue is via https://forums.oneplus.com/feedback/
     

    #10
    DrJMun, Kytharsis and Daniel_2 like this.
  11. mind_never
    Froyo Apr 6, 2019

    mind_never , Apr 6, 2019 :
    It would only receive attention if a bulk of Android users would voice their concerns. But that is unlikely to happen, seeing that most are not aware and/or concerned, and so G can just do what they please.

    Convenience over security/privacy seems to be the users' motto these days...
     

    #11
    Daniel_2 likes this.
  12. DenyDarko
    Honeycomb Apr 6, 2019

    DenyDarko , Apr 6, 2019 :
    Nothing stops OnePlus from removing that "feature" though

    Here:
    https://forums.oneplus.com/threads/...his-dns-feature-introduced-by-google.1017065/
     
    Last edited: Apr 6, 2019

    #12
    Daniel_2 and mind_never like this.
  13. mind_never
    Froyo Apr 6, 2019

    mind_never , Apr 6, 2019 :
    Will see whether it warrants a response from the dev.

    Not sure what are the Android license terms imposed by G and whether the removal of this "feature" is even permitted. And even if so whether 1+ can be bothered considering that they are baking other "features" like DUO into their repo...
     
    Last edited: Apr 6, 2019

    #13
    Daniel_2 likes this.
  14. andreasruedel
    Cupcake Jul 19, 2019

    andreasruedel , Jul 19, 2019 :
    bump. please for privacy's sake.
    this is the moment when "don't be evil" is replaced with "our advertisers refuse to pay us if we allow users to block ads"
    Google is an advertising agency. They will not allow some plugin or DNS-based filters like pi-hole to jeopardize their revenue streams.

    Google gave us android for free, the world jumped on it.
    Now its no longer free yet the people and entire companies depend on it. All reasonable alternatives have been eliminated or bought out.
    Every drug dealer in the streets always gives you the first shot for free.

    Welcome to the dystopia that is 2019.
    It won't get better, people. Support your local open source project now.
     
    Last edited: Jul 21, 2019

    #14
    Daniel_2 likes this.
  15. niabot
    Cupcake Jul 25, 2019

    niabot , Jul 25, 2019 :
    This is just terrible. I needed my phone to resolve local DNS entries, but i couldn't. It ignored the WLAN DHCP settings and used 8.8.8.8 to resolve the address, which obviously failed. Who with a sane mind would do that? Please change that or I won't buy any oneplus phone again.
     

    #15
  16. DenyDarko
    Honeycomb Jul 25, 2019

    DenyDarko , Jul 25, 2019 :
    What's unacceptable is the fact that there's no opt out for this.
     

    #16
    Sandahl84 and Daniel_2 like this.
  17. Sandahl84
    Cupcake Sep 21, 2019


    #17
    Daniel_2 likes this.
  18. onepang
    Cupcake Jan 25, 2020

    onepang , Jan 25, 2020 :
    I've reported this in December already.

    https://forums.oneplus.com/threads/...-resolver-list-if-connected-on-wi-fi.1162273/

    Also, I reported this to Android issue tracker. But Google rejected the responsibility for this "bug". They blamed OnePlus!

    Google wrote:

    "Status: Won't Fix (Infeasible)

    Response from Engineering team:
    ==============================
    Unmodified Android code does not do this. It only ever uses the servers provided by the network. It's possible that this behaviour is specific to the OnePlus device you are using. Unfortunately, we cannot support non-Google devices because they may have modified the code in ways that we are not aware of. If you can reproduce this bug on unmodified Android code or a Pixel device, please reopen."
     

    #18
  19. Kytharsis
    Marshmallow Jan 25, 2020

    Kytharsis , Jan 25, 2020 :
    What's wrong with 8.8.8.8?
     

    #19
    Caomhin likes this.
  20. onepang
    Cupcake Jan 25, 2020

    onepang , via OnePlus 6T , Jan 25, 2020 :
    Various things.

    We have very good data protection/privacy in Europe. That is why I want my DNS data to remain in Europe. Even if 8.8.8.8 is located in Europe, it is not subject to European data protection/privacy laws. I have not agreed, that OnePlus sends my DNS queries to 8.8.8.8!

    Furthermore, my mobile phone has no connection to my home network if it uses 8.8.8.8 as its DNS server instead of my home router.

    Beside that "Google Public DNS" is a very fast and reliable DNS Resolver. But my ISPs DNS Resolver has this attributes as well and is, in addition, more trustfully for me.
     

    #20