UK ISP trade association names Mozilla "Internet Villain" for supporting 'DNS-over-HTTPS'
Reason: The new DoH protocol would impede British ISPs' ability to sniff and filter traffic.
zdnet.com/article/uk-isp
19
489
699
Conversation
You do realise DoH requires handing all your DNS queries to a company like cloudflare right? I'd say that's pretty villainous. If you think firefox are being the good guys here, you're wrong.
1
3
4
No, you can use any DoH nameserver you like, including your own on a VPS or safely use any one over Tor.
1
1
20
If you think that >0.001% of people will do that you're lying to yourself.
This is further centralisation of the Internet, and frankly we've seen the negative impacts of that already.
Wake up!
2
1
4
Vast majority of users are behind CGN that negates any ability of DoH provider to track whose queries are whose.
2
1
4
Bullshit! It's HTTPS, they can easily fingerprint the headers.
1
1
Huh? If a DoH client implementation sends any distinct headers that's a bug. Certainly there's no need to.
2
1
3
DNS-over-TLS does have the advantage of a lighter and more efficient implementation but DNS-over-HTTPS doesn't add any substantial attack surface in practice as long since it's already present. Using regular HTTPS traffic over port 443 also makes it more censorship resistant.
I still want FF to ship with DNS over Tor as the default. Tor capacity can't handle everyone's content traffic, but DNS traffic is plausible to handle, and with ESNI it would end content blocking.
1
1
1
They could improve the Tor network by asking people to opt-in to being a relatively low bandwidth relay. As long as the DNS server is a hidden service, it wouldn't put more burden on exit nodes which is the main bottleneck largely because it's so risky to run one in practice.
1
2
2
Show replies