mirror of https://gitlab.com/curben/blog
fix: formatting
This commit is contained in:
parent
d5e36c96cf
commit
4a0ef5093f
|
@ -2,6 +2,7 @@
|
|||
title: DNS-over-TLS/DNS-over-HTTPS does not protect your privacy
|
||||
date: 2019-04-04 00:00:00
|
||||
tags:
|
||||
- Privacy
|
||||
- Security
|
||||
---
|
||||
|
||||
|
@ -17,7 +18,9 @@ But even with all that, I repeat, ISP still *knows* what IP address you are conn
|
|||
|
||||
Websites that are behind Cloudflare can be harder to lookup. For example, `dig is.gd @9.9.9.9` returned `104.25.23.21`, but going to that IP resulted in a Cloudflare error page. So, every website should use Cloudflare, I guess?
|
||||
|
||||
Anyhow, DoT/DoH helps to address DNS spoofing issue by preventing the DNS query/answer from being maliciously modified. It makes it *harder* for the ISP from recording your browsing history because it prevents them from doing DNS logging. But they can still continue doing **IP logging**. Many news article also perpetuate the misconception that it can prevents ISP surveillance.
|
||||
Anyhow, DoT/DoH helps to address DNS spoofing issue by preventing the DNS query/answer from being maliciously modified. It makes it *harder* for the ISP from recording your browsing history because it prevents them from doing DNS logging. But they can still continue doing **IP logging**. Not to mention DoT/DoH resolvers also can log DNS traffic. Even [DNSCrypt](https://en.wikipedia.org/wiki/DNSCrypt) cannot prevent that.
|
||||
|
||||
A brief search on DoT/DoH topics showed many (most?) news articles perpetuate the misconception that it can prevents ISP surveillance.
|
||||
|
||||
Title | Link
|
||||
--- | ---
|
||||
|
@ -26,8 +29,9 @@ Android takes aim at ISP surveillance with DNS privacy | [[2]](https://nakedsecu
|
|||
Android To Get 'DNS over TLS' Support To Hide Your Browsing Data From ISPs | [[3]](https://wccftech.com/android-dns-over-tls-isp/)
|
||||
New Android Future "DNS over TLS" going to Stop ISPs from Knowing what websites you visit | [[4]](https://gbhackers.com/dns-over-tls/)
|
||||
Prevent ISPs from seeing what website you’re viewing with DNS over TLS | [[5]](https://www.thesslstore.com/blog/what-is-dns-over-tls/)
|
||||
Android getting "DNS over TLS" support to stop ISPs from knowing what websites you visit | [[6]](https://www.xda-developers.com/android-dns-over-tls-website-privacy/)
|
||||
|
||||
|
||||
|
||||
Not to mention DoT/DoH resolvers also can log DNS traffic. Even [DNSCrypt](https://en.wikipedia.org/wiki/DNSCrypt) cannot prevent that.
|
||||
|
||||
***TL;DR*** DoT/DoH doesn't hide your IP. Use Tor/VPN for that.
|
Loading…
Reference in New Issue