@federico3
2
edit-2
2M

DoH is not about protecting your DNS queries from peepers. That is a big lie.

Reminder: if you don’t protect your HTTP[S] traffic using Tor and TorBrowser, your privacy is still very much compromised.

For a nosy Internet Provider is very easy to correlate the IP addresses your browser connects to with the most popular websites and services.

(Not to mention browser fingerprintinting and tracking done by 3rd parties)

@peppermint
12M

SNI easily gets uncovered with even the most rudimentary DPI I would think.

@federico3
12M

Yes and also, even with ESNI or domain fronting in use, the IP addresses are still a dead giveway. There’s no protection from that.

@peppermint
0
edit-2
2M

True, though looking at my tcpdump tor/i2p nodes generate a lot of fake interactions. unless you connect to snapcraft.io or like that every 15 minutes you aren’t that obvious.

@Echedenyan
22M

Well, I mount my own server inside a little community.

Requests are shared between the community when the DNS server asks to root ones directly and is not specific of every individual.

A way to proxify the DNS requests securely.

m-p{3}
12M

I encountered some networks where DoT wasn’t going through (restrictive firewall) while DoH went through just fine, so I chose that instead.

@HMH
12M

I mostly agree with the sentiment. The thing that really bugs me is that configuring DNS system wide is broken like that.

Subscribe to see more stories about technology on your homepage


  • 0 users online
  • 31 users / day
  • 38 users / week
  • 136 users / month
  • 461 users / 6 months
  • 2836 subscribers
  • 1244 Posts
  • 3040 Comments
  • Modlog