stevelup wrote:Don't forget that Chrome ignores your system wide DNS settings and -always- makes sneaky requests to Google's DNS servers. And even if you block 8.8.4.4 and 8.8.8.8 on your firewall, it tries using myriad other addresses as well. But if you're cool with that, that's also fine!
I mean, on that basis you could argue that it's virtually malware.
I've seen various similar claims about this - so have been monitoring for a few days.
Firewall level monitoring catching all port 53 requests.
Not seen any DNS requests going to anything other than my own DNS servers, and to OpenDNS servers for the kids devices.
Content is correctly blocked with opendns as expected, which wouldn't work if DNS was being bypassed. I see similar behaviour in e.g. public wifi networks that use DNS blocking - if I change my system DNS to 1.1.1.1, then Chrome seems content to use it.
That's across Android, Mac, Windows, and iPad versions of Chrome.
From a bit of Googling - the implication is that Chrome did/will attempt to use Google DNS servers if you are on an IPv6 enabled network, and your DNS server returns invalid AAAA responses - not sure if that's the only scenario.