Which means they absolutely abide the DSA and must block 'illegal content' which is pretty extensive these days. Includes 'hate speech' which isnt well defined, but only when ordered by a court. Not to mention various "disinformation" orders they must abide by now.
They are also subject to orders from ARCOM? for copyright related stuff.
They are also obligated to record and store all dns queries by ip essentially forever.
This is literally why the title claims "safer". They are censoring.
Characterization.
I'm certainly not aware of any possible ways of restricting things to make things safer where one couldn't just decide to call it censorship at least.
Control.
If it is an optional service provided to users it is moderation.
If it is not optional, then it is censorship.
I'm "free to leave the EU if I don't like it", as a certain kind of folk would say.
> https://cuiiliste.de/domains
> https://de.wikipedia.org/wiki/Clearingstelle_Urheberrecht_im...
(both are German websites, but they should be easily understandable for everybody)
dig bs.to @1.1.1.1
;; ANSWER SECTION:
bs.to. 164 IN A 190.115.31.20
dig bs.to @193.110.81.0
;; ANSWER SECTION:
bs.to. 300 IN A 190.115.31.20* nox.to
* getrockmusic.net
* libgen.gs
* sci-hub.st
Another interesting test case are the following domains (Russian propaganda websites) that many German (European?) internet providers are prone to block:
rt.com
de.rt.com
www.rt.com
ria.ru
radiosputnik.ria.ru
radiosputnik.com
"COUNCIL REGULATION (EU) 2022/350
of 1 March 2022
amending Regulation (EU) No 833/2014 concerning restrictive measures in view of Russia's actions destabilising the situation in Ukraine":
https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CEL...
They are also operating in Denmark, which have laws similar to those of Germany. One way they could get around the issue is perhaps by not actually being an ISP. I'm not a 100% sure, but I believe that at least in Denmark it's the job of the ISPs to block you from accessing certain sites. DNS blocking has been deemed sufficient. The providers of public DNS servers aren't ISPs so it's not their job to block the traffic. I also don't belive that e.g. Googles 8.8.8.8 is censured in the EU.
They were recently forced by Italy’s AGCOM to censor domains used for piracy, specifically they had to sign up to the PiracyShield thing that was also discussed here some time ago.
Also, I don't expect to have EU wide bans anytime soon because each country is into doing its thing in this regard. When Germany, Italy etc. are going trigger happy for piracy Eastern EU and the Nordics used to be or maybe continue to be the providers of that.
This list rather did rather become known because of a leak. Here is a German article about this topic: https://netzpolitik.org/2024/cuii-liste-diese-websites-sperr...
They provide variants for unfiltered DNS, blocking malware/phishing, and malware/phishing + pornography.
All variants are provided over IPv4, IPv6, DoH, and DoT.
https://www.cira.ca/en/canadian-shield/configure/summary-cir...
They know how to make low latency distributed network applications, but it isn't their day job and the pace of development of both Next and this shows it.
Perfect example how one can destroy whole concept with bad user experience.
Could you afford 4.4.4.4?
I truly don’t get this. Is it a Europe = bureaucracy take?
> they came up with IP's that can't be more random
Came up with? I imagine those novelty IPs are extremely difficult and expensive to acquire.
That said I 100% agree memorable IPs is very useful for DNS config.
The ip addresses are indeed not memorable, but users who change the settings of their routers won’t have too much trouble copy and pasting an IP address once or twice. Save it in a password manager and you’re done.
Bureaucracy has nothing to do with it, it’s a matter of resources.
For example
cat > rinetd.conf <<eof
logfile rinetd.log
logcommon
127.127.127.127 53/udp 95.130.17.218 53/udp [timeout=3]
eof
rinetd -c rinetd.conf
echo nameseserver 127.127.127.127 > /etc/resolv.conf
drill example.com
For example, the biggest country-wide payback program is payback.de, and their most of their coupon multiplier links here – https://www.payback.de/coupons/info – will be clickable, but silently not work after you purchase.
Adblocking is good, but I prefer when it's controlled and I can just open an incognito window or disable it temporarily when I need them, for whatever reason.
I don't understand this claim. Payback coupons have to be activated before purchase, so even if somehow that link wouldn't work anymore after a purchase it'd be too late anyway to have the coupon applied.
Can you elaborate or provide links for more information?
How much EU is in DNS4EU? - https://news.ycombinator.com/item?id=44255116 - June 2025 (108 comments)
DNS4EU, an EU-based DNS resolution service - https://news.ycombinator.com/item?id=44254610 - June 2025 (50 comments)
DNS4EU for Public Is Available - https://news.ycombinator.com/item?id=44190071 - June 2025 (78 comments)
edit: another key addition by NextDNS is a global infra footprint, rather than just in the EU. Oh it looks like there’s no anycast with the non-profit as well? And you have to pick your local resolver. I guess that makes sense because the main value prop of NextDNS (to me) is when I’m traveling and a local pi-hole won’t suffice.
You can stick to fiddling your way with sysv and x11 if you like. The world has moved on.
Of course.
At work, I use the system my employer provides, with systemd and gnome.
At home, I use the one that gives me the most freedom, with sysvinit and x11.
Such is the reality of life.
No, thanks. I don't want a "safe" DNS, I want one that always returns the IP of the host, no matter the actual safety/censorship policies of the day.
Claims it's 100% european, can't even have proper french. :-/
It's not traditional idiomatic, but we're also in 2025 and most people won't even understand the old idioms.
For instance, "a été testée au combat" is meaningless in French. The same idea in idiomatic French would be "a subi l'épreuve du feu". And I guess the "billions" should be only "milliards" (French uses the long scale, so the word "billion" exists but corresponds to a thousand billions as understood in (US?) English)...
That's where I'm saying going back to an older idiom just makes it classic, and doesn't help communication in itself IMHO.
A billion in French is 10^12 (1,000,000,000,000) so I doubt they truly served "billions de requêtes".
For comparison Cloudflare deals with 32 million requests per second[0]. I don't know if they're at CF scale, but in itself it's still a plausible number for a multinational DNS.
[0] https://blog.cloudflare.com/application-security/
PS: mistaking the short scale for the longer is common, but that shouldn't be a pretext to straight throw every use of "billion" under the bus.
But also, it's amazing that the EU can function at all with the amount of criticism it gets if every single little communication is not perfectly tuned for every potential European reader. :-/
Did you mean "no native English speakers"? There are - Ireland.
"First" is doing a lot of heavy lifting. I'm sure you well know there are 2 official languages in Ireland, and English is used by the majority of the population, and English-only speakers far outnumber the fluent bilingual speakers.
Of course on paper Ireland are going to hold Irish as supreme (which I support), but de facto and practically, the language of Ireland is English.
Ireland and Malta still remain EU members whose official languages include English.
More over, the lingua franca of Europe is still English, despite any French sadness that it's not French any more.
https://en.wikipedia.org/wiki/Languages_of_the_European_Unio...
https://www.cso.ie/en/csolatestnews/pressreleases/2023pressr...
(It's very French of you to complain about it, though.)
Added it to Librewolf and it works fine,
Just put the kids.dns0.eu on my grandkids phone and again it works perfectly.
I have of course already done this in the past with the Mullvad DNS with the family filter:
I would rather use an EU DNS server than any US shite.
dnsleaktest; on the Mx-linux machine
IP: 217.156.17.129 M247 Europe Brussels, Belgium
I do hope that the EU can slowly disconnnect from all USA services and have our own.
https://nlnet.nl/project/current.html
https://european-alternatives.eu/
You cannot have someone like TRump instruct/pressure/force microsoft to delete emails and accounts of the International war crimes investigators, who were investigating Israel for war crimes.
on paper it looks great
> dns0.eu is a French non‑profit organization founded in 2022 by Romain Cointepas and Olivier Poitrey — co-founders of NextDNS.
-> https://help.nextdns.io/t/y4hmv0n/who-is-behind-nextdns
> Who is behind NextDNS?
> NextDNS was founded in May 2019 in Delaware, USA by two French founders Romain Cointepas and Olivier Poitrey. Olivier has been working on Internet infrastructures for the last 20 years. In 2005, he founded Dailymotion, the largest video sharing service after Youtube and the most popular European website in the world at the time. He is currently Director of Engineering at Netflix, working on Open Connect, Netflix's home CDN also known as the CDN moving about 30% of the total US Internet traffic. Romain and Olivier closely worked for years at Dailymotion on many different projects. Romain ended up leading the mobile & TV department.
Brain gymnastics at work.
The laws don’t tell the entities what they should prepare for. Rather, they state that the entities must execute a proper risk assessment and prepare accordingly (obviously this is the rough summary. The actual legislations are a bit better worded than a 9pm forum post)
And given what’s going on in the world + the phrasing of the legislations, using eu based services is becoming a lot more attractive to these companies.
Which means that being a eu based company whose offer is “whatever US company X does, but a bit less mature atm, we’re working on it!” has gone from a pointless strategy to one that might just work.
Edit: BTW that last paragraph is not meant to imply that dns0 isn’t mature. I don’t know them. Just wanted to put in words the general vibe I’m picking up.
192.168. 1. 1 | Min | Avg | Max |Std.Dev|Reliab%|
----------------+-------+-------+-------+-------+-------+
- Cached Name | 0.000 | 0.002 | 0.002 | 0.001 | 100.0 |
- Uncached Name | 0.025 | 0.080 | 0.304 | 0.059 | 100.0 |
- DotCom Lookup | 0.027 | 0.039 | 0.129 | 0.026 | 100.0 |
---<-------->---+-------+-------+-------+-------+-------+
Non-routable local internet address
Local Network Nameserver
1. 1. 1. 1 | Min | Avg | Max |Std.Dev|Reliab%|
----------------+-------+-------+-------+-------+-------+
+ Cached Name | 0.027 | 0.029 | 0.039 | 0.001 | 100.0 |
+ Uncached Name | 0.028 | 0.037 | 0.080 | 0.016 | 100.0 |
+ DotCom Lookup | 0.029 | 0.034 | 0.059 | 0.007 | 100.0 |
---<-------->---+-------+-------+-------+-------+-------+
one.one.one.one
CLOUDFLARENET, US
1. 0. 0. 1 | Min | Avg | Max |Std.Dev|Reliab%|
----------------+-------+-------+-------+-------+-------+
+ Cached Name | 0.029 | 0.030 | 0.050 | 0.003 | 100.0 |
+ Uncached Name | 0.029 | 0.049 | 0.196 | 0.031 | 100.0 |
+ DotCom Lookup | 0.029 | 0.035 | 0.070 | 0.009 | 100.0 |
---<-------->---+-------+-------+-------+-------+-------+
one.one.one.one
CLOUDFLARENET, US
8. 8. 4. 4 | Min | Avg | Max |Std.Dev|Reliab%|
----------------+-------+-------+-------+-------+-------+
- Cached Name | 0.059 | 0.066 | 0.151 | 0.015 | 100.0 |
- Uncached Name | 0.059 | 0.080 | 0.290 | 0.045 | 100.0 |
- DotCom Lookup | 0.059 | 0.063 | 0.089 | 0.006 | 100.0 |
---<-------->---+-------+-------+-------+-------+-------+
dns.google
GOOGLE, US
8. 8. 8. 8 | Min | Avg | Max |Std.Dev|Reliab%|
----------------+-------+-------+-------+-------+-------+
- Cached Name | 0.059 | 0.066 | 0.105 | 0.011 | 100.0 |
- Uncached Name | 0.059 | 0.091 | 0.319 | 0.061 | 100.0 |
- DotCom Lookup | 0.058 | 0.064 | 0.089 | 0.008 | 100.0 |
---<-------->---+-------+-------+-------+-------+-------+
dns.google
GOOGLE, US
193.110. 81. 0 | Min | Avg | Max |Std.Dev|Reliab%|
----------------+-------+-------+-------+-------+-------+
- Cached Name | 0.058 | 0.068 | 0.102 | 0.014 | 73.0 |
- Uncached Name | 0.057 | 0.103 | 0.239 | 0.057 | 70.4 |
- DotCom Lookup | 0.059 | 0.072 | 0.089 | 0.013 | 57.9 |
---<-------->---+-------+-------+-------+-------+-------+
dns0.eu
DNS0EU, FR
185.253. 5. 0 | Min | Avg | Max |Std.Dev|Reliab%|
----------------+-------+-------+-------+-------+-------+
- Cached Name | 0.066 | 0.071 | 0.110 | 0.007 | 98.0 |
- Uncached Name | 0.069 | 0.103 | 0.289 | 0.057 | 97.9 |
- DotCom Lookup | 0.067 | 0.075 | 0.130 | 0.011 | 97.9 |
---<-------->---+-------+-------+-------+-------+-------+
dns0.eu
DNS0EU, FR
UTC: 2025-06-13, from 20:10:13 to 20:11:18, for 01:05.419
longstation•16h ago
apples_oranges•15h ago
Igrom•15h ago
cwassert•15h ago
ale42•14h ago
wsintra2022•15h ago
UI_at_80x24•15h ago
hans_castorp•15h ago
mtmail•15h ago
jorge-d•15h ago