Aurich / Thinkstock
Google gives a VPN through its “Google One” month-to-month subscription plan, and whereas it debuted on telephones, a desktop app has been out there for Windows and Mac OS for over a 12 months now. Since lots of people pay for Google One for the cloud storage enhance for his or her Google accounts, you is perhaps tempted to attempt the VPN on a desktop, however Windows customers testing out the app have not appeared too blissful these days. An open bug report on Google’s GitHub for the undertaking says the Windows app “breaks” the Windows DNS, and this has been ongoing since a minimum of November.
A VPN would naturally route all of your site visitors by a safe tunnel, however you’ve got nonetheless bought to do DNS lookups someplace. A variety of VPN providers additionally include a DNS service, and Google isn’t any completely different. The drawback is that Google’s VPN app adjustments the Windows DNS settings of all community adapters to all the time use Google’s DNS, whether or not the VPN is on or off. Even when you change them, Google’s program will change them again.
Most VPN apps do not work this manner, and even Google’s Mac VPN program does not work this manner. The customers in the thread (and the ones emailing us) count on the app, at minimal, to make use of the unique Windows settings when the VPN is off. Since operating a VPN is usually about privateness and safety, customers need to have the ability to change the DNS away from Google even when the VPN is operating.
Changing the DNS can lead to a number of issues for sure setups. As customers in the thread level out, some individuals, particularly these utilizing a VPN, need an encrypted DNS setup, and Google’s VPN program will simply flip this off. It can break customized filtering setups and can forestall customers from accessing native community IPs, like a router configuration web page or company intranet pages. It may also make it inconceivable to log in to a captive portal, which you usually see on public Wi-Fi at a lodge, airport, or espresso store.
Besides that habits, the thread is filled with all kinds of experiences of Google’s VPN program getting screwy with the Windows DNS settings. Several customers say Google’s VPN app continuously resets the DNS settings of all community adapters, even when they modify them after the preliminary set up units them to eight.8.8.8. For occasion, one reply from ryanzimbauser says: “This program has completely no enterprise altering all current NICs to a separate DNS on the startup of my laptop whereas the program is just not set to ‘Launch app after laptop begins.’ This current change interfered with my laptop’s capability to entry a community implementing a non-public DNS filter. This has damaged my belief and I cannot be reinstalling this program till that is remedied.”
Several consumer experiences say that even after uninstalling the Google VPN, the DNS settings do not revert to what they was once. Maybe that is extra of a Windows drawback than a Google drawback, however numerous customers have hassle altering the settings away from 8.8.8.8 by the management panel after uninstalling. They are resorting to registry adjustments, PowerShell scripts, or the “reset community settings” button.
Google worker Ryan Lothian responded to the thread, saying:
Hey people, thanks for reporting this behaviour.
To shield customers privateness, the Google One VPN intentionally units DNS to make use of Google’s DNS servers. This prevents a nefarious DNS server (that is perhaps set by DHCP) compromising your privateness. Visit https://builders.google.com/velocity/public-dns/privateness to find out about the restricted logging carried out by Google DNS.
We suppose this can be a good default for many customers. However, we do acknowledge that some customers would possibly need to have their very own DNS, or have the DNS revert when VPN disconnects. We’ll take into account including this to a future launch of the app.
It’s fairly uncommon for Google, the internet and Android firm, to make a Windows program. There’s Chrome, the Drive syncing app, Google Earth Pro, this VPN app, and never an excessive amount of else. You can discover it by going to the Google One web site, clicking “Benefits” in the sidebar, after which “View Details” underneath the VPN field, the place you will discover an exceedingly uncommon Google Windows executable.
If you need a VPN and care about privateness, there are most likely higher locations to go than Google. The firm can nonetheless see all the web sites you are visiting through its DNS servers, and whereas the VPN knowledge is perhaps non-public, Google’s DNS holds onto your internet historical past for as much as 48 hours and is topic to subpoenas. There are a number of accusations in the thread of Google altering DNS for knowledge harvesting functions, however when you’re involved about that, possibly do not do enterprise with considered one of the world’s largest user-tracking firms.