Of course, we were either too ambitious, or too comical, or too naive when we wrote it; we had no way to know! 'Open sourcing' it, in the spirit of well... being more transparent about our intentions and why we are all-in, and sacrificing a tonne along the way in the pursuit of money, I mean, freedom.

It has been a painful yet fulfilling journey so far for the 3 of us.

Here's the doc:

rethinkdns.com
Revised: 26 August 2021

Mission: Develop and democratize security and privacy enhancing technologies.
Goal: Turn android devices into "user agents".

RethinkDNS is an open-source anti-surveillance tool for Android. The app currently has two modes: The DNS mode gives the end-user their own unique server-endpoint and routes all DNS traffic from the mobile device to their assigned endpoint encrypted over TLS. The end-user can enable (from a web front-end) pre-curated blocklists and/or add custom blocklists to block name-resolution of select domains, and optionally, capture DNS logs for analytics, reporting, and diagnostics. The Firewall mode lets the user deny internet-access to entire applications based on events like screen-on / screen-off, app-foreground / app-background, connected to unmetered-connection / metered-connection / always; or based on play-store defined categories like Social, Games, Utility, Productivity; or additionally, based on user-defined denylists.

Similar apps: Lockdown HQ (iOS), GuardianApp (iOS), NetGuard (android), Glasswire (android), Blokada (android), AfWall (android), Bouncer (android), JumboPrivacy (iOS), AdGuard (cross-platform), 1.1.1.1 (cross-platform), NextDNS (cross-platform), Pi-Hole (cross-platform), OpenSnitch (Linux), Snitch (macOS), PortMaster (cross-platform).

So far: Launched a MVP in August 2020 and have been in touch with users through that. The app has since been installed over 15000+ times with 3000+ DAUs. We continue to gather user-requests through email and telegram groups, and continue to prioritize feature-set based their inputs. In July 2021, we open-sourced our content-blocking DNS-over-HTTPS resolver, and are continuing to engage community input on how to best take that project forward.

Work ahead: The app is continuing to evolve into a comprehensive network security tool with immediate work focused on making insights from network flow actionable. Medium term, we’d like to release something similar for iOS, too. Current plans also include creating a novel VPN mesh-network where users who trust each other (typically, friends and family) can share each other’s bandwidth.

Quintessential user: Folks who want visibility and control over network activity of their unrooted android devices.

Monetization: The current plan is to sell cloud-based services to users that help them identify threats (ex: Indicators of Compromise, Security Information and Event Management) and side-step them.

Milestones: The only Indian team to be accepted into Mozilla’s Fix-The-Internet incubator in Summer of 2020. One among 1200 teams that applied, and one among 22 that made the cut. The developers at the Tor Project are some of our vocal advocates. TechRadar ranked us among the best security apps of 2020 and 2021.

Insights: For an always-on, always-connected device like smartphones, a network security solution may soon become a must-have, just like how anti-virus software is in the post-Internet PC-world. The concerns around privacy are such that users find it hard to trust anything that isn’t open-source, and isn’t built by developers with enough street-cred to go for them.

Challenges: Google or other Android OEMs themselves could bundle-in advanced network protection spelling the end of a tool like RethinkDNS. The other big elephant-in-the-room is to somehow monetize this open-source software among a consumer-base known to favour libre (free) solutions.

Endgame: A smartphone that makes it extremely hard for app developers to spy upon their unassuming, non-consenting users. This involves eventually taking over the mobile network itself (say, as a radically privacy-friendly MVNO or ISP) in ways legally possible and putting users-first instead of everything else.

A lot has changed since we wrote this. I mean, the 3 of us aren't even the same people that started this project: We've grown a lot because we've learnt a lot; made a tonne of mistakes (continue to), and endured the pain these mistakes inflicted upon us.

But: Still here. Still working. Time will tell how this pans out.

Tick tock.

Cover image: Androids dreaming up a blueprint for a time machine (link).

How many times must the cannonballs fly, before they're forever banned?

Consider for a second that I was a professional architect with a small-time firm, would I be spreading FUD if I report structural inefficiencies of a skyscraper you are building? Or, would you thank me for spending my valuable time reviewing your work out of no obligation? If you say you'd do the former, you're a gem. I have nothing against gems, just that I prefer bitcoins.

Privacy and security are very serious topics in our industry. The advances made in the recent years are nothing short of astonishing. Let's Encrypt , who vend free TLS certificates, now power over 200 million websites. The TLS v1.3 standard drafted by E. Rescorla CTO at Mozilla, is 160+ pages long, took 4 years to draft, has contributions from industry experts from around the world, and is a document full of considerations for end-user's privacy and security. On the other hand, engineers and cryptographers at Signal are pushing the envelope, going where any competent privacy and security conscious organization would aspire to go. Read this preview of just how they secure a user's PIN: state-of-the-art and expensive but that didn't deter them one bit (note: upcoming OPAQUE standard may be a cheaper way to accomplish a similar feat, curious reader). Despite stronger protections on Android, attacks that exfiltrate data are a reality and the world's most vulnerable professionals are at most risk.

If the Meltdown and Spectre exploits are any indicator, the stakes are very high and it is easy to see why companies, even the ones that get a bad rap for privacy, go to extreme lengths to secure their user's data. The recent supply-chain exploits make it clear that the Information Security industry is no place for ego-building or showcasing fake mastery of forbidden arts. Very capable engineers, academics, cryptographers, and hackers have all had their fair share of fails in the face of scrutiny that their work invites. That's the nature of the beast. The best among us, keep their heads down, and off to work they go month after month, year after year, to mitigate threats, and address exploits with utmost consideration, with their hubris, arrogance, and pride firmly tucked away. After all, by being cordial and humble is how the industry got here. If Dan Kaminsky were alive, he'd tell you this is how all of this is supposed to work. There is no competition here, just progress, hand-in-hand, and that's all that matters.

A brave new world

How many years must a mountain exist, before it is washed to the sea?

The RethinkDNS' team own journey started in late 2019, as bravedns.com, with wanting to build an app that lets users be in control of their always-on, always-connected devices. Mozilla generously awarded us a $16K grant in June 2020, in the midst of a terrible pandemic, to help us deliver on that promise. Google's Intra project gave us a strong-base from which to build. But there are several other projects we looked at, notably, Nebulo by Daniel Wolf, DNS66 by Julian Klode, CoreDNS by the CNCF Foundation, and Blokada by Blokada AB (a for-profit? a non-profit? It isn't clear).

Fast-forward to August 2020: Since DNS-based content-blocking forms one part of what RethinkDNS is, we naturally studied the open source projects to inform our own engineering decisions. I appreciate to not have to go through twenty-five RFCs to implement a single feature and these open-source implementations come in handy. So, given the amount of benefit we derived, we decided to open-source everything we build too, including the DNS resolver (server-side code).

In September exactly in the time I was down with covid-19 like symptoms, XDA did a feature on us that brought in a massive influx of new users to our tiny little toy app. Otherwise, nothing of note happened. We did focus on integrating DNSCrypt v3. It supports Anonymized DNS queries which really ups the ante in terms of thwarting surveillance. How could we not implement it? Oblivious DNS-over-HTTPS has our interest piqued as well.

You've got mail

How many times can a man turn his head, and pretend that he just doesn't see?

And then came November. I found things in Blokada's code-base that seemed off. For my money (to borrow a term from Football), it was a "clear and obvious error" on part of the Blokada AB employees developers. I was hesitant to engage at first, because RethinkDNS + Firewall does come off as a competitor, even though, it is not, despite the current similarities. RethinkDNS' an anti-censorship and anti-surveillance tool and more spiritually aligned with the now-defunct OpenWhisperSystems (by the same folks that later created the Signal Messenger).

December. We wrote to one of the Blokada employees admins privately on Telegram informing them of one among the issues we had found. The response was rather lukewarm. Later, in January 2021, we informed the employee admin of Blokada's use of an analytics company, rebrandly.com, for their go.blokada.org URLs which were peppered, littered, sprayed across their app. Disappointingly, we were stonewalled, got no response.

We gave it a ninety-days.

In the meantime, RethinkDNS was rocking the all-new dark theme. Integrated Orbot. Got hacker-news'd. Addressed some of its battery-drain bugs. Re-designed the webpages. Survived a DDoS attack. Open sourced the server-side DNS resolver code. Eventually, in one of its finest moments till date, got up and running on F-Droid, too.

New years. For 30 days, a lead developer on RethinkDNS was down with a nasty viral infection. Things slowed down. Life it seems, hits you the hardest when you're down, because they caught another virus, a month later. 30 more days and counting. The feature backlog ever increasing. Sigh.

Store of value

How many ears must one man have, before he can hear people cry?

Where were we? Yeah, 90 days later, that is sometime in March 2021, I reported what I had found to the F-Droid maintainers. They are plenty serious about such things and were quite helpful and gracious.

The F-Droid maintainers gave it a 30 days.

If anyone is familiar with IzzySoft's work, one of the F-Droid maintainers, they'd agree when I say that IzzySoft's one of the most level-headed, soft-spoken, mild-mannered person you're going to meet on the Internet. IzzySoft isn't even a developer but goes out of the way to help out with so many developer related issues, and frankly, it is ridiculous that someone would do so voluntarily year-in year-out, heads-down, full of humility, poise, and class.

A bitcoin of a person.

In light of in-action from Blokada employees developers, The F-Droid maintainers, after their customary weekly sync-up call on 6 May 2021, reached the decision to mark Blokada for Tracking its users.

Two days later, seemingly triggered into action, Blokada employees developers were heads-down addressing those issues; but only for the F-Droid builds. The apparent reason was they were time constrained to act (despite having known about issues for 5 months at this point). So, if you're using other Blokada build flavours, count your lucky stars that F-Droid exists and you can switch to downloading Blokada from there. Also, do not forget to donate to F-Droid. It is a woefully underfunded effort. I would but I haven't made a single dime in the past two years I have been building RethinkDNS and associated services. I wonder how much Blokada AB donates to F-Droid? I'd be pleasantly surprised if it was anywhere close to $fuck-all-a-year.

Talk is cheap

The answer, my friend, is blowin' in the wind

Here comes the kicker though, instead of a mea culpa, the Blokada CEO lead developer claims F-Droid's acting in bad faith, is influenced by a competitor (aka yours truly) spreading FUD:

"We’ve been present on F-Droid for several years now, without ever raising any concern. If you have been following our announcements, you may also be aware that our presence on F-Droid was occupied with a non-explainable tardiness from F-Droid in regard to reviewing our update merge requests, causing at least 2-4 week delays for availability of the majority of our update releases. This together with the recent events begs to question F-Droid's objectivity."

Gem.

You know what's FUD?

"The underlying policy of Blokada VPN is that we want you to remain anonymous."

The Tor project, a 22 people organization of world-class experts, with decades of altruistic and ground-breaking work behind them, don't guarantee anonymity, since they know a lot depends on the users themselves and numerous other attack vectors out of Tor's control. I digress.

See, there's nothing against telemetry or tracking. DuckDuckGo and Mozilla Firefox both engage in it, but they're radically transparent about it. Blokada is free to engage in it too or not engage in it, their decision, but they should be, at the very least, transparent about their choices and claims.

For instance, in their privacy policy or terms of use, you'd be remiss to find any mention of Rebrandly, Google, AWS, Github, and Cloudflare. They use all of the above. For variety infrastructure they host. Again, nothing wrong but that transparency is fatally lacking, the hypocrisy notwithstanding:

What are the benefits of Blokada DNS? Use the DNS service made by the team you have been trusting for many years. No need to use providers with questionable track record, like Cloudflare.

FUD?

"Oh fuck off, Blokada has user's best interest at heart, you clown", you say. I hear you. As they say, the path to hell is paved with good intentions.

Marketing and sales

The answer is blowin' in the wind

In my humble opinion, "an open source project dedicated to developing the best ad blocker and privacy app for Android and iOS" needs to live and breathe those ethos. I can go on, but this has been a mouthful already, and so, I'd spare you and leave you with this:

"We hope you appreciate the level of transparency on our side, and hope you keep enjoying Blokada."

Enjoy.

images: xkcd/574 | xkcd/463.

I'd like everyone to take a deep breath and listen for a minute. - Bruce Schneier .

We are excited to share what we’ve been working on for the past few weeks at rethinkdns.com, a configurable DNS over HTTPS resolver and a companion Android app.

The DNS over HTTPS resolver is deployed to 200+ locations to ensure low-latency and robustness. The state-of-the-art HTTP/3 and TLS v1.3 protocols are built right-in. Availability is number one priority at RethinkDNS and our deployment strategies, development practices, and the architecture reflects that, though we realise achieving high availability is much harder and so it is pretty much a continuous and an ongoing process for us.

The companion free and open-source Android app is forked from the excellent Intra project by Jigsaw. We’ve made changes to the codebase to include a firewall and changed the UX dramatically. The app itself doesn’t support HTTP/3, yet, though the resolver does.

How it works

1. Visit rethinkdns.com/configure. No sign-up required.

2. Choose from over 170+ lists to block spyware, adware, malicious websites and more.

3. Copy paste the resulting URL in to any DNS over HTTPS client, like the ones that ship with Firefox.

In our trials with users, we have found that a staggering 60% connections from Xiaomi and Vivo phones were blocked when the rethinkdns endpoint was configured to enable seven popular blocklists (dbl.oisd, adguard, steven-black, anudeep, yhosts, energized ultimate, and 1hosts pro) totaling around 3 million entries. The numbers were lower but not stellar for Oppo (50%), Realme (50%), and Oneplus (30%) phones either. Note that, the block-count is a function of the app usage and websites visited and not just the manufacturer of the phone. Some people using Pi-Hole for DNS content blocking have reported numbers as high as 87%, and so even though it is trivial for apps to workaround DNS based content blocking, it still remains pretty effective and cheap way to block content across all applications.

RethinkDNS is a stub resolver that forwards queries to 1.1.1.1 and by extension supports Query Name Minimization and DNSSEC but doesn’t support ECS (EDNS Client Subnet).

RethinkDNS does not log requests by default.

There is currently no charge to use DNS service itself but in the future, we plan to monetize by providing additional functionality on top of just content blocking.

Market

The effectiveness of DNS based content blocking has seen a plethora of companies building pretty impressive products in the past few years, some of them very advanced and feature rich. The point of building yet another such service stems from our frustration in using those, though we're personally big fans and inspired by NextDNS, Cloudflare Gateway, and pi-hole ourselves.

First, RethinkDNS core focus is high availability: We try hard to prioritize it over any other decision we take. In our trial runs (albeit not super high scale), we found no traces of downtime, despite continuing to add new features. Some times focusing incessantly on availability has meant higher costs and that has meant we couldn't possibly provide the service for free, not forever at least. The RethinkDNS resolver, as of today, runs on Cloudflare Workers, but we have already begun exploring building a redundant architecture on top of other Serverless offerings, like fly.io and stackpath.com.

Second, we are on a mission to democratize security solutions for consumers and DNS is just the start. Our initial focus are mobile devices that are always-on, always-connected. We believe there's value in helping 2B+ users secure their Androids with usable security tools otherwise long relegated to the confines of large enterprises and guild of computer geeks.

Third, we deeply believe in an open internet. Routing DNS to uncensored endpoints helps circumvent censorship in countries where deep-packet inspection isn't prevalent, and with ECH (Encrypted Client Hello) around the corner, this will prove to be a very cheap but effective tactic in bringing uncensored Internet to billions of Android users, for a start.

Fourth, is we have abhor surveillance capitalism and would continue to build tools that expose it. For example, DNS requests reveal a lot of information that can inform the user about what's happening on their devices with the apps they've installed or ones that they didn't but came pre-installed. There's nothing distasteful about data collection done with regard for privacy (providing opt-outs) and state-of-the-art data-handling practices for the benefit of the users-- for example Google Photos app categorizing photos based on location, grouping them based on people, clustering them based on trips has a modicum of utility for folks that opt for it. Though, data collection just for the sake of it without a care in the world for user's privacy, without strict controls over its protection bounded by questionable user-agreements is what irks us, and letting users take control of their devices by giving them tools that they can use without requiring a computer science degree would hand them ability to resist such unabated inroads into their private lives, even if not by much, but it is a start. And we're excited to see how far we can get.

Who are you

We're concerned engineers willing to put in the work, I guess. That said, you shouldn't trust us anymore than you trust any other stranger on the internet, but hopefully, we are able to earn it over a period of time by engaging with the community and proving our credibility by walking the talk. RethinkDNS is a work of three friends from India, Mohammed, Murtaza, and Santhosh with around 20 years of industry experience between them at Amazon, IBM, and Scientific Games, who got together sometime in November 2019 to build this. If you were as excited as we are, you'd probably quit your job too :)

One more thing

Mozilla backed us early in our journey through their Fix-the-Internet MVP initiative in May 2020 and we are grateful for it.

If you want to reach out to us with suggestions or requests or regarding anything else at all, feel free to email us at hello@celzero.com.

Thanks to Bart Decrem and Patrick Lu for reading drafts of this.