Internet connection secure from surveilance?

Here is my reply to Joe

Your solution is good. In general, anyone worried about this kind of invasion of privacy
should arrange to run their own root servers. The more the merrier. This is not neccessarily
about having multiple roots with colliding TLDs, but about security from surveillance.

A better solution would be to turn off recursion, this _may_ lead to
partitioning away from the rest of the internet, just as running a local
root may lead to partitioning away. The benefit, of course, is that
you don't worry about someone tapping into any sub-domain dns

Slightly better than that is to disconnect from the network entirely.
This will help prevent someone from eavesdropping on other protocols
as well. Again, this may lead to partitioning away from the rest of the