. another free MS project idea: Demonstrate that even with DoH, ISPs can still know 95% of what they know now if they retool and do IP and traffic analysis.
Conversation
Indeed! DoH does improve security but the privacy benefit is still questionable. In an upcoming paper, we see only a fraction of the Web gains some privacy benefit from the new standard, while some popular websites wonβt due to stable 1-1 IP-domain mapping arxiv.org/pdf/1911.00563
1
1
Security benefit is borderline since insecure connections stay insecure. Only mitigates one way of performing MITM attacks on other connections. The GrapheneOS FAQ is brand new but I already added entries on Private DNS since there's so much DoH/DoT hype.
grapheneos.org/faq#dns
The initial GrapheneOS FAQ entries are an odd selection because it's truly based on creating responses to questions as they come up. It's not going to be covering much about the hardening work done by the project for a while since people rarely ask questions about those things.
1