Understanding Transparent DNS Proxy: What Maxis and TIME Are Doing with Your Public DNS Servers

In a recent move that has stirred considerable attention, Maxis and TIME, two major Malaysian ISPs, have implemented a Transparent DNS Proxy on their public DNS servers. This change has significant implications for internet users, especially those relying on third-party DNS services like Google DNS or Cloudflare.

What is Transparent DNS Proxy?

Transparent DNS Proxy is a technique used by ISPs to intercept DNS queries that are supposed to be resolved by external DNS servers and instead route them through their own DNS servers. This process occurs without the user’s knowledge or consent, hence the term “transparent.”

How Does It Work?

When you type a website’s URL into your browser, your device sends a DNS query to translate that human-readable address into an IP address. If you’re using a public DNS server like Google’s 8.8.8.8, your query typically bypasses your ISP’s DNS servers. However, with a Transparent DNS Proxy in place, your ISP intercepts this query and resolves it through their DNS servers, regardless of your configured DNS settings.

This can be achieved by the ISP redirecting DNS requests to a local DNS server, even if the user has manually configured their device to use a different DNS provider. The user remains unaware because the process is seamless, and the expected DNS resolution occurs—just via a different route.

The Impact on Users

For most users, this change might go unnoticed in day-to-day browsing. However, for those who value privacy, speed, or specific DNS-based services, this can be problematic:

1. Privacy Concerns: Transparent DNS Proxying allows ISPs to monitor and log DNS queries, potentially compromising user privacy. Even if you’re using a third-party DNS service for enhanced privacy, your ISP can still see the sites you’re trying to access.
2. Performance Issues: Public DNS servers like Google DNS or Cloudflare are often chosen for their speed and reliability. By redirecting DNS traffic, ISPs may introduce latency or slow down internet speeds, especially if their DNS servers are less optimized.
3. Loss of Control: Users who intentionally configure their devices to use specific DNS servers lose the ability to bypass their ISP’s DNS infrastructure, potentially affecting services that rely on custom DNS settings.
4. Security Risks: Some users rely on specific DNS configurations to avoid phishing or access geofenced content. Transparent DNS Proxying can undermine these protections, potentially exposing users to security risks.

Why Are ISPs Doing This?

ISPs might implement Transparent DNS Proxying for several reasons:

• Network Management: By controlling DNS queries, ISPs can manage traffic more efficiently and enforce network policies.
• Content Filtering: It allows ISPs to implement content filtering or censorship at the DNS level, blocking access to certain websites.
• Monetization: Some ISPs may use DNS data for advertising or other revenue-generating purposes.

Maxis and TIME’s adoption of Transparent DNS Proxy raises important questions about user privacy and the balance of power between ISPs and their customers. While the impact may be minimal for casual users, those who prioritize privacy, speed, and control over their internet experience should be aware of these changes and consider their options, such as using VPNs or DNS-over-HTTPS (DoH) to bypass ISP DNS interception.

As the digital landscape evolves, staying informed about how your internet traffic is managed and the tools you can use to protect your online experience is more important than ever.