Aye that provides blocking, not monitoring and logging tho. Malware is only a small part of the security landscape, you see phishing etc using DNS. It’s not a big deal tho as security solutions will adapt, it’s similar with the mass move to SSL years back.
-
-
Replying to @GossiTheDog @no_scooters and
Would you agree that the strong push for SSL, while inconvenient for network monitoring, was a good thing? I get the pushback because it will require changes, but it is very clearly the right direction
3 replies 0 retweets 18 likes -
Replying to @taviso @no_scooters and
It’s a good thing for consumers. For enterprises it raised the bar of security technical requirements, kinda feeds into security poverty for orgs that can’t invest in tooling.
2 replies 0 retweets 7 likes -
Replying to @GossiTheDog @no_scooters and
I don't follow, it absolutely must be possible for Administrators to disable DoH via group policy, I don't think anybody claims otherwise? If you're Administrator, it's your endpoint and you can disable all privacy controls if you wish.
7 replies 1 retweet 6 likes -
Replying to @taviso @GossiTheDog and
Yes, you can disable DoH in Chrome, Firefox and other legitimate applications by using Group Policy, but there is also the aspect of malicious applications or poorly coded applications that don't provide that facility or don't respect it for malicious reasons.
2 replies 0 retweets 1 like -
Replying to @NEXUS2345 @taviso and
Or somehow the default always favours one party, and somehow you keep ending back up that default. You can keep turning off location tracking, but somehow it never sticks.https://fortune.com/2018/08/21/google-location-tracking-lawsuit-ftc/ …
1 reply 0 retweets 1 like -
Replying to @PowerDNS_Bert @NEXUS2345 and
Are your arguments so weak that you have to play the "malicious ulterior motive" card? Frankly, it doesn't even make sense, "I don't trust anyone to honor the setting, so you should never even give us the setting"?
1 reply 0 retweets 0 likes -
Replying to @taviso @NEXUS2345 and
Once your company has a track record of not ignoring these settings or accidentally monetizing/sharing things they said they wouldn't your argument would be credible. Until then we wait. You are aware of where you work? I sometimes wonder.
2 replies 0 retweets 0 likes -
Replying to @PowerDNS_Bert @NEXUS2345 and
Please stop with this nonsense Bert, I'm not questioning your or PowerDNS motives. Let your arguments stand on their own if they're strong enough.
1 reply 0 retweets 1 like -
Replying to @taviso @NEXUS2345 and
You can look at our privacy credentials all you want, they are sound. Track record and business model matters when someone attempts to centralize even more internet on themselves.
1 reply 0 retweets 2 likes
You're right to be worried about this Bert, the argument for DoH is so strong and your silly personal attacks are so weak that the days of DNS snooping products are surely numbered.
-
-
Replying to @taviso @PowerDNS_Bert and
1.1.1.1 and 8.8.8.8 have turned off all their logging? Are their days numbered?
1 reply 0 retweets 0 likes -
Replying to @mnordhoff @PowerDNS_Bert and
The queries have to go somewhere by default. I think that optimally, that default should be DoH to a RR of local, vetted providers who have made strict privacy commitments. A single vetted provider is not as wonderful, but sure is a better default than whatever the DHCP tags say.
1 reply 0 retweets 0 likes - 5 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.