So many articles claiming how great DNS-Over-TLS is, but failing to mention that most implementations are poorly done, allowing the DNS server to track all the queries from an endpoint w/ TLS session resumption. It's a regression from stateless UDP DNS that needs to be addressed.
Replying to @FredericJacobs @okhin
Is it really an important regression? Tracking is already possible via IP addresses for most users.
Most IP addresses are shared between thousands of users.
Replying to @RichFelker
I'm curious to see real statistics about that. In France, CGN on landlines is very rare (and IPv6 is gradually being deployed). For mobile networks, CGN is in place, but when IPv6 is in place, it will be one device == one IP address.
Replying to @Taelia_
Just a counting argument. Compare # of IPs not held for corporate/uni/etc. with # of end-user devices on the net.
9:22 AM - 7 Apr 2018