You don't though. You can just disable it at group policy level. It's not like the OS is suddenly forcing all queries over DoH, it's a browser feature. Malware has to implement it, and if they wanted to, they could implement one of the many alternatives.
-
-
We simply can't stop improving privacy because "malware might use it to exfiltrate", that's true for basically everything. If you vow to never enable anything on your network that malware can abuse, what will be left? Also, deploy whitelisting

-
Can you explain where you have seen it successfully deployed? Every solution I’ve seen has crazy bypasses available
End of conversation
New conversation -
-
-
Illegitimate =/ malicious in the enterprise.
-
But malicious is a subset of illegitimate.
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
