From Newsgroup: alt.privacy

YogaDNS intercepts Windows DNS queries & routes thru encrypted protocols

*YogaDNS* Version 1.47 (2025.04.30)
Windows (x86, x64, ARM) 7, 8, 10, 11, Server 2012, 2016, 2019, 2022
<https://yogadns.com/download/>
<https://yogadns.com/download/YogaDNSSetup.exe>
Name: YogaDNSSetup.exe
Size: 8369736 bytes (8173 KiB)
SHA256: C790B930B990D3906124CBFF26A634D6400460F1E24616E41A88A6DF0EAE0CE4

Both Windows 10 & Windows 11 suck at system-wide DNS encryption setup.

Windows 10 does not have native support for DNS-over-HTTPS (DoH) at the
system level unless you're using experimental builds and doing some manual configuration. Even then, it's limited and not easily managed via
PowerShell or the GUI.

Windows 11 does support DoH natively at the operating system level.
However Windows 11's native DoH doesn't support DoQ, DNSCrypt, or DoH3.
<https://www.reddit.com/r/nextdns/comments/16vue7u/yogadns_and_native_private_dns_on_windows_11/>

Tools like YogaDNS are popular because they intercept DNS traffic & route
it through encrypted channels like DoH, DoT, or DoQ, regardless of what Powershell commands your Windows supports.

YogaDNS is a trialware->free Windows DNS client that intercepts
DNS queries at the system level & routes them through encrypted protocols
a. DoH (DNS over HTTPS) including DoH3
b. DoT (DNS over TLS)
c. DoQ (DNS over QUIC)
d. DNSCrypt

With YogaDNS, DNS DNS queries are encrypted before they leave your PC.

After 30 days, what do you end up with as the "free" version:
A. Only one DNS server is allowed (e.g., Cloudflare 1.1.1.1)
B. Only two customizable rules (e.g., use YogaDNS for all web sites)
C. It no longer automatically launches (you can launch it manually)
D. It no longer runs in the background (it can be minimized though)

Rules are like filters that tell it how to handle websites or networks.
Example 1 Use Cloudflare for all websites.
Example 2 Exclude local network devices.

To overcome the automatic-launch limitation, you can manually add it to
your Windows startup using Task Scheduler or to your Startup folder.
1. Press Win + R, type shell:startup, and hit Enter.
2. Copy the YogaDNS shortcut into that Startup folder.

To clarify the lack of background services in the free version, the free version of YogaDNS must remain open to function, but it can be minimized to
the system tray (i.e., iconified). That way, it won't clutter your screen,
but if you close it completely, its system-wide DNS protection stops.

Windows version information that this was tested on:
PowerShell: 5.1.19041.6216
Windows: 10.0.19045.6216
Based on output from these two admin commands:
C:\Windows\system32> powershell $PSVersionTable.PSVersion
Major Minor Build Revision
----- ----- ----- --------
5 1 19041 6216
C:\Windows\system32> ver
Microsoft Windows [Version 10.0.19045.6216]

My system is running Windows 10 Version 22H2 (Build 19045.6216) which is
the final major release of Windows 10l It's a fully updated Windows 10
(22H2) but PowerShell is still showing the original base version (19041),
but with the same patch level (6216) because PowerShell 5.1 is baked into Windows 10. That means it doesn't get version bumps with every OS update. Microsoft kept the PowerShell versioning aligned with the original base
(19041) even though the Windows 10 22H2 OS itself has evolved.

What this means is key DNS features in Windows 11 are missing or limited.

These are not available in Windows 10 (19045.6216):
a. Native DNS-over-HTTPS (DoH) support
b. DoH configuration via Settings UI
c. DoQ, DNSCrypt, DoH3 support
d. DoH via Group Policy / Registry (but you can run registry hacks)
e. DoH via netsh dns show encryption (limited on Windows 10 vs 11)
f. PowerShell DNS cmdlets (limited on Windows 10 versus on Windows 11)
g. DNS leak protection during boot (limited more on Windows 10 than 11)

This means that it's "easier" to set up system-wide encrypted DNS on
Windows 11 but even for advanced protocols like DoQ or DNSCrypt, neither Windows 10 nor Windows 11 supports them natively, so tools like YogaDNS are still useful for both platforms.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.privacy

On Tue, 26 Aug 2025 01:31:06 -0000 (UTC), Marion wrote:

After 30 days, what do you end up with as the "free" version:

That's not freeware. That's crippleware.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.privacy

On Tue, 26 Aug 2025 13:49:23 +0700, JJ wrote :

After 30 days, what do you end up with as the "free" version:

That's not freeware. That's crippleware.

You bring up a good point in that it's not completely functional after 30d.
The problem with freeware, is finding one that is fully functional.

I don't yet know of a fully functional DoH tool for Windows 10/11.
Do you?

If not, then we're stuck with this as the best choice that we have so far.

I get where you're coming from because you get more in the first 30 days
than you get after the 31st day. But it is free to use after that.

So while it doesn't have all the functionality, it has enough of it.
Is that crippled or not?

Dunno. I guess it depends on how badly you need the functionality it has.
I suspect you need it badly if you want to run DoH on Windows 10 or older.

Because Windows 10 and Windows 11 do not have good GUIs for DoH setup.
So the question becomes what's a good freeware DoH setup tool for Windows?
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.privacy

Marion wrote:

JJ wrote :

After 30 days, what do you end up with as the "free" version:

That's not freeware. That's crippleware.

You bring up a good point in that it's not completely functional after 30d. The problem with freeware, is finding one that is fully functional.

Not that I'm interested in this ware, but I looked at the page; there's
not that much limitation to the free/basic version as the paid/Pro.

https://yogadns.com/pricing/
--
Mike Easter
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.privacy

On Fri, 29 Aug 2025 11:17:45 -0700, Mike Easter wrote:

Marion wrote:

JJ wrote :

After 30 days, what do you end up with as the "free" version:

That's not freeware. That's crippleware.

You bring up a good point in that it's not completely functional after 30d. >> The problem with freeware, is finding one that is fully functional.

Not that I'm interested in this ware, but I looked at the page; there's
not that much limitation to the free/basic version as the paid/Pro.

https://yogadns.com/pricing/

It's there in plain sight.

Single DNS server...

While web browsers also provide only one secure DNS, OSes provide at least
two non-secure DNS.

Two fully customizable rules...

Presumably instead of limited by sorage/memory. Then crippled after
evaluation time is over.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.privacy

On Sat, 30 Aug 2025 20:40:40 +0700, JJ wrote :

Not that I'm interested in this ware, but I looked at the page; there's
not that much limitation to the free/basic version as the paid/Pro.

https://yogadns.com/pricing/

It's there in plain sight.

Heh heh heh... that's not the point. The point simply is that it does "something" for free. And that's what matters for freeware.

It doesn't matter that it does "more" if you pay more.
It only matters that it does "enough" for free. :)

(Note: You may consider that wrong, but that's how I feel about freeware.)

Single DNS server...

While web browsers also provide only one secure DNS, OSes provide at least two non-secure DNS.

I don't disagree that multiple DNS's can be much better than one DNS.
The question is what freeware gives that to you.

I tried a few before I settled (for now) on YogaDNS.
But I'm a proponent of freeware and have been for forty years.

If you know of something better, now is the time to let us in on it.

Two fully customizable rules...

Presumably instead of limited by sorage/memory. Then crippled after evaluation time is over.

Again, your insinuation that a bicycle is a crippled motorcycle is fair
enough if what you need is a motorcycle - but if a bike works - it's not crippled.

It's not fair of you to deprecate what YogaDNS does for free without you providing an alternative that does what you seem to feel it needs to do.

What do you suggest that is better?
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.privacy

On Sun, 31 Aug 2025 03:41:29 -0700, John C. wrote :

On 25/08/31 03:40 AM, John C. wrote:

Tavis Ormandy wrote:

Marion wrote:

Because Windows 10 and Windows 11 do not have good GUIs for DoH setup. >>>> So the question becomes what's a good freeware DoH setup tool for Windows? >>>

What's wrong with the builtin GUI?

I guess there is no way to duplicate their rules feature... but is that
something people really want?

I like DoH, but I just use it for everything.

Never a good idea to use undefined acronyms. And for those who don't
know: DNS over HTTPS (DoH)

Oh yeah:

DNS: Dynamic Name Server
HTTPS: Hypertext Transfer Protocol Secure

I apologize for not being clear about the terms and goals.

The goal is privacy, and one item of privacy is an encrypted DNS lookup. Windows will do that. But not really. Not well. And not easily.
Windows 11 does it slightly better than Windows 10. But both suck at it.

You must edit the registry. I've done it. It's a PITA on Windows.
I even wrote a tutorial how to do it so that others could also do it.

From: Marion <marion@facts.com>
alt.comp.os.windows-10,alt.comp.os.windows-11,alt.comp.microsoft.windows
Privacy Tutorial: Setting up system-wide DoH for the 1st time on Windows
Date: Thu, 14 Aug 2025 04:15:15 -0000 (UTC)
Message-ID: <107jnsi$jc7$1@nnrp.usenet.blueworldhosting.com>

But it's really hard to do, in my humble opinion, with native Windows.
That's _why_ we need a better solution.

If YogaDNS isn't that better solution, I'm fine with that being the answer.
But what is the better solution then?
--
https://alt.comp.os.windows-10.narkive.com/ https://alt.comp.os.windows-10.narkive.com/6WmnJbJJ/privacy-tutorial-setting-up-system-wide-doh-for-the-1st-time-on-windows
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.privacy

Marion wrote:

The point simply is that it does
"something" for free. And that's what matters for freeware.

I'm not clear on what you are doing about your 'index of suspicion' that
you should maintain for the adage, 'if you are not paying for the
product, you ARE the product'.

Personally I don't subscribe to that, because I live in a world which is
full of volunteers who collaborate on open so rce ware, and they aren't
trying to 'get' me, b t I'm also a die-hard skeptic who feels that there
are all kinds of both good-g ys and bad-g ys l rking behind free st ff.

Hmmmph. My 'yew' key died d.ring this msg.
--
Mike Easter
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: alt.privacy

On Sun, 31 Aug 2025 11:31:25 -0700, Mike Easter wrote :

The point simply is that it does
"something" for free. And that's what matters for freeware.

I'm not clear on what you are doing about your 'index of suspicion' that
you should maintain for the adage, 'if you are not paying for the
product, you ARE the product'.

Personally I don't subscribe to that, because I live in a world which is full of volunteers who collaborate on open so rce ware, and they aren't trying to 'get' me, b t I'm also a die-hard skeptic who feels that there
are all kinds of both good-g ys and bad-g ys l rking behind free st ff.

Hmmmph. My 'yew' key died d.ring this msg.

My argument that "you get what you pay for" is bro science.
My argument is "you get what you get" & "you pay what you pay".
That's science.

Bro science sounds good.
But bro science isn't science.

I'm an intelligent person who is extremely well educated, so I'm extremely well aware that most people are incredibly stupid when it comes to understanding things.

Take gravity. It's not a force. It's just not. But most think it is.
Take milk. It's not natural. It's just not. Not for adults.
Take the iPhone. It's not more secure than Android. It's just not.
Take premium gasoline. It's not better than regular. It's just different.
Take pH and the pKa of HOCl in pool water where the pool store will scream
at you if your pH is higher than about 7.6 and yet the pH doesn't matter in
an outdoor pool. Nobody knows this. Not even pool professionals.

Take "zero gravity" where the only force on those astronauts orbiting is
that they are very much under the influence of a hellova lot of gravity.

Take politics where Trump is so bad that the Democrats don't realize they
had to be much worse to lose so miserably to him and yet they don't realize that fact.

Take world affairs where Iran has no natural disputes with Israel and yet
Iran foments both direct and proxy wars with Israel on ideology alone.

Take motor oil where the only thing that "really" matters if you change
your oil is the API & SAE grades, where, let's face it, you can't find a
bad motor oil nowadays based on that spec.

Speaking of the specs, you can't find a bad tire either or a bad battery or
a bad brake pad, etc., if you buy the things by the specifications.

Yet most people can't handle that there is detail and knowledge needed to
buy a brake pad by the coefficient of friction even though the cold/hot friction rating has to be printed on every box sold in the United States.

Just like the friction of every tire and the wear rating and the speed
rating (actually heat dissipation rating) has to be printed on every tire.

I'm trying to make a point here that the dumber a person is, the more they
try to hide behind some kind of bro science aphorism that is supposed to
have some meaning to them over and above what everyone else knows.

Anyone who says "you get what you pay for" is stupid.
Anyone who says "if you get it for free, you are the product" is too.

That's bro science.

It's like saying an electric car doesn't pollute because it has no
tailpipe. It sounds great. It even seems logical. Yet it's wrong.

Depending on how you count pollution, an electric car pollutes twice as
much as ICE vehicles do and certainly it takes far more GHG emissions just
to put the electric car on the dealers' parking lot than an ICE vehicle.

Bro science is for people who are stupid.
Bro science sounds great.

I ran into it today when the pool store told me to add acid when I add chlorine to my pool, because, they said, the chlorine has a pH of 13 so it raises the pH and therefore you need to add acid to bring the pH back down.

Sounds great, right?
I took chemistry in college. Organic too.
It makes sense.

But it's wrong.
And that's the point.

Bro science sounds good.
But bro science isn't science.

Anyway, I think we're in agreement.

In my book, people who say "you get what you pay for" and/or "if you get it for free then you are the product" never seem to understand what it is that they got.

The fact is, you get what you get.
It's up to you and me to know what that is.
--- Synchronet 3.21a-Linux NewsLink 1.2