If you’re freaked out that your browser turned something called “DNS over HTTPS” on, you’re being bamboozled. DoH is a good thing.
18
46
237
Conversation
This Tweet was deleted by the Tweet author. Learn more
That is a confusing tweet, it sounds like you might think Google owns Cloudflare? That is not the case. If it helps, Cloudflare are legally bound to a retention policy negotiated by Mozilla, which you can read here developers.cloudflare.com/1.1.1.1/commit.
7
This Tweet was deleted by the Tweet author. Learn more
That's still confusing, because Chrome is not doing anything like that, or planning to do anything like that? The Chrome plan is to essentially to only upgrade connections to your *existing* resolver, so how can that possibly be bad for privacy?
1
This Tweet was deleted by the Tweet author. Learn more
Yep exactly that, AFAIK Android can support DoT for the system resolver, but I don't know of any plans for DoH outside of browsers. I'd be lying if I said I don't want more DoH though, but I have absolutely no say in the matter 😆
1
2
Android 10 uses opportunistic DoT with the network-provided DNS servers (DHCP or VPN) by default. It provides the option to set a specific DoT server hostname for authenticated encryption without a fallback to unencrypted DNS. I don't think there are any plans to add DoH support.
2
This Tweet was deleted by the Tweet author. Learn more
No, I think what I said is also accurate for Android 9. The default is the automatic setting, i.e. opportunistic encryption.