The very same people who tell us malware will obey our endpoint DNS configuration are busy deploying web browsers which default to doing just the opposite.https://twitter.com/taviso/status/1181760420056428544 …
It seems like you're saying you think software shouldn't use DoH because if you disable it, malware might ignore you. That just doesn't make sense - malware *is* software - it can use DoH today whether other software does or not.
-
-
imagine if DoH were never an RFC and wasn't deployed by the top unblockable web search provider. In that world, malware would not be able to use DoH without being obvious and being caught. I'm not saying we shouldn't *use* DoH. I'm saying we shouldn't even *invent* it.
-
Isn't that just saying "Pretty please only use these protocols?", it's just a minor variation of what you were making fun of. Malware authors use their own protocols all the time? https://attack.mitre.org/techniques/T1094/ …
- 9 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.