Can someone please explain to me why DNS-over-HTTPS (DoH) is bad? Signed, someone who transitioned from BIND9 to djbdns circa 2000, learned about Curve25519 via DNSCurve, considers the latter an abject failure...https://twitter.com/kennwhite/status/1170753874279485440?s=21 …
-
-
I think one challenge is domain blocking on small business router/firewalls, etc. They're less interested in snooping and more interesting in saying "you can't get there from here". That's a legitimate business decision made harder to implement.
-
That's true, though at least right now, it's rather simple if you run your own DNS resolver: Return NXDOMAIN for http://use-application-dns.net and everything will fall back to plain old insecure DNS. Alternatively, businesses can add a DoH proxy for their resolver and push GPOs or w/e.
- 1 more reply
New conversation -
-
-
I'm considering writing a ticket, especially since they already have most of the infrastructure in place for their "tracking protection" (which in reality is just a hosts-based blacklist). Not sure if it'd work on mobile though, especially Focus. Probably worth a try.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I made a few suggestions on Bugzilla, please feel free to chime in!https://bugzilla.mozilla.org/show_bug.cgi?id=1544233#c3 …
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
