So denying people control over DNS and whisking off queries to a jurisdiction with weaker privacy legislation is beneficial if their network is untrustworthy? I see.
-
-
Replying to @Alzimon @Cron2Gert and
Yes, if your network is untrustworthy "whisking off" the queries to a trustworthy network seems like a good idea to me. Nobody is denying anyone control, what are you basing that on?
1 reply 0 retweets 1 like -
Replying to @taviso @Cron2Gert and
For one thing, as I understand it, centralised DoH will let browsers and appliances circumvent my own (and any state-mandated) DNS-based blocklists. Furthermore, what I consider trustworthy is for me to decide. Information Ssecurity is about control.
1 reply 0 retweets 0 likes -
Replying to @Alzimon @Cron2Gert and
Absolutely not, this is just about choosing safe defaults. Nobody is suggesting you shouldn't be allowed to choose who is trustworthy. If you're lucky enough to only ever use trustworthy networks, great! Many people are not that lucky, and we should help them, right?
2 replies 0 retweets 0 likes -
As long as you define yourself as trustworthy, this is fine advice. Or in the words of a wise former coworker of yours: “I trust me; why shouldn’t everyone else trust me too?”
2 replies 0 retweets 1 like -
Replying to @PowerDNS_Bert @taviso and
It's fascinating to me how much the European (my overgeneralisation) perspective differs from others. In my experience our legal privacy framework is much stronger and enforcement towards ISP's is effective. I trust my ISP more than most companies outside the EU.
2 replies 0 retweets 3 likes -
Replying to @floorter @PowerDNS_Bert and
Sure, but we shouldn't abandon the people who aren't as lucky as you. I don't think it's unreasonable to pick a good default if it protects millions of less fortunate people.
1 reply 0 retweets 0 likes -
Replying to @taviso @PowerDNS_Bert and
I could argue that for about half a bilion people it's not a good default. However I am sympathetic for the argument that enabling DoH by default will increase adoption of the protocol, which I see as a good thing.
2 replies 0 retweets 1 like -
Replying to @floorter @PowerDNS_Bert and
I disagree, this isn't just about ISPs, connecting to a "Free Wifi" SSID should be safe and isn't. I am European, you can't tell me snooping is an American problem.
2 replies 0 retweets 0 likes -
In what sense is it insecure? It doesn't make anything less secure that is protected with TLS.
1 reply 0 retweets 0 likes
I didn't say insecure, I said snooping. DNS snooping is a widespread problem that we can realistically solve, but lots of people are heavily invested in it.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.