mirror of https://gitlab.com/curben/blog
fix: formatting
This commit is contained in:
parent
d5e36c96cf
commit
4a0ef5093f
|
@ -2,6 +2,7 @@
|
||||||
title: DNS-over-TLS/DNS-over-HTTPS does not protect your privacy
|
title: DNS-over-TLS/DNS-over-HTTPS does not protect your privacy
|
||||||
date: 2019-04-04 00:00:00
|
date: 2019-04-04 00:00:00
|
||||||
tags:
|
tags:
|
||||||
|
- Privacy
|
||||||
- Security
|
- Security
|
||||||
---
|
---
|
||||||
|
|
||||||
|
@ -17,7 +18,9 @@ But even with all that, I repeat, ISP still *knows* what IP address you are conn
|
||||||
|
|
||||||
Websites that are behind Cloudflare can be harder to lookup. For example, `dig is.gd @9.9.9.9` returned `104.25.23.21`, but going to that IP resulted in a Cloudflare error page. So, every website should use Cloudflare, I guess?
|
Websites that are behind Cloudflare can be harder to lookup. For example, `dig is.gd @9.9.9.9` returned `104.25.23.21`, but going to that IP resulted in a Cloudflare error page. So, every website should use Cloudflare, I guess?
|
||||||
|
|
||||||
Anyhow, DoT/DoH helps to address DNS spoofing issue by preventing the DNS query/answer from being maliciously modified. It makes it *harder* for the ISP from recording your browsing history because it prevents them from doing DNS logging. But they can still continue doing **IP logging**. Many news article also perpetuate the misconception that it can prevents ISP surveillance.
|
Anyhow, DoT/DoH helps to address DNS spoofing issue by preventing the DNS query/answer from being maliciously modified. It makes it *harder* for the ISP from recording your browsing history because it prevents them from doing DNS logging. But they can still continue doing **IP logging**. Not to mention DoT/DoH resolvers also can log DNS traffic. Even [DNSCrypt](https://en.wikipedia.org/wiki/DNSCrypt) cannot prevent that.
|
||||||
|
|
||||||
|
A brief search on DoT/DoH topics showed many (most?) news articles perpetuate the misconception that it can prevents ISP surveillance.
|
||||||
|
|
||||||
Title | Link
|
Title | Link
|
||||||
--- | ---
|
--- | ---
|
||||||
|
@ -26,8 +29,9 @@ Android takes aim at ISP surveillance with DNS privacy | [[2]](https://nakedsecu
|
||||||
Android To Get 'DNS over TLS' Support To Hide Your Browsing Data From ISPs | [[3]](https://wccftech.com/android-dns-over-tls-isp/)
|
Android To Get 'DNS over TLS' Support To Hide Your Browsing Data From ISPs | [[3]](https://wccftech.com/android-dns-over-tls-isp/)
|
||||||
New Android Future "DNS over TLS" going to Stop ISPs from Knowing what websites you visit | [[4]](https://gbhackers.com/dns-over-tls/)
|
New Android Future "DNS over TLS" going to Stop ISPs from Knowing what websites you visit | [[4]](https://gbhackers.com/dns-over-tls/)
|
||||||
Prevent ISPs from seeing what website you’re viewing with DNS over TLS | [[5]](https://www.thesslstore.com/blog/what-is-dns-over-tls/)
|
Prevent ISPs from seeing what website you’re viewing with DNS over TLS | [[5]](https://www.thesslstore.com/blog/what-is-dns-over-tls/)
|
||||||
|
Android getting "DNS over TLS" support to stop ISPs from knowing what websites you visit | [[6]](https://www.xda-developers.com/android-dns-over-tls-website-privacy/)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Not to mention DoT/DoH resolvers also can log DNS traffic. Even [DNSCrypt](https://en.wikipedia.org/wiki/DNSCrypt) cannot prevent that.
|
|
||||||
|
|
||||||
***TL;DR*** DoT/DoH doesn't hide your IP. Use Tor/VPN for that.
|
***TL;DR*** DoT/DoH doesn't hide your IP. Use Tor/VPN for that.
|
Loading…
Reference in New Issue