Disappointed that Firefox is giving Cloudflare user DNS resolution data by default via DoH. I trust my ISP, but if I didn't, I'd use a trusted VPN to protect *all* my traffic. DoH is just a DNS-only VPN. What's worse, if you do use a VPN, FF will still leak your DNS data to Cloudflare by default. blog.mozilla.org/futurerelease

Ask yourself why all these companies are fighting each other to be your default DNS provider. Why do their "privacy" solutions always give them your data instead? It's valuable data and it's easy to control it yourself. linuxjournal.com/content/own-y

@kyle This article seems to argue for setting up a recursive resolver that sends plaintext via your ISP anyway. If your goal was to have privacy from your ISP, you failed.

@irl The goal is to have control over the DNS logs instead of giving them to Google or other big data firms. If you do not trust your ISP and think they sniff and capture all DNS traffic that goes over their wires, then the solution is to use a trusted VPN as they would probably also sniff all initial SNI requests too.

@kyle Sniffing and capturing DNS traffic is probably allowed under your TOS. At the very least they are allowed to do it for technical reasons, which might include looking at where their customers are going so they can work out what peering arrangements they need, etc.

You're right on SNI. Even if you're not using SNI it's probably the case then that the IP address is going to give away where you're going.

I think that destination IP addresses are collected by all UK ISPs by law, and retained for some specified time period.


I lost track on what was happening there in the end. Maybe that didn't happen, maybe it got worse.
