If you’re freaked out that your browser turned something called “DNS over HTTPS” on, you’re being bamboozled. DoH is a good thing.
-
Show this thread
-
You say “DNS over HTTPS” rather than “all your web browsing history will be sent to Cloudflare”. These are separate things, and Mozilla is doing both for all US users. Cloudflare has a history of sharing personal data with hate groups.https://www.google.com/amp/s/www.propublica.org/article/how-cloudflare-helps-serve-up-hate-on-the-web/amp …
4 replies 1 retweet 22 likes -
Replying to @wise_steve @tqbf
Cloudflare are problematic. There's no reason to think they're not law-abiding though, and Mozilla have negotiated an enforceable policy. IIUC, there are plans to add more providers to the pool in future, but right now this is *still* a more sensible default than "Trust DHCP".
5 replies 3 retweets 37 likes -
Until we have a wide adoption of encrypted SNI, you can't hide from the ISP anyway, making DoH a net loss for privacy.
3 replies 1 retweet 2 likes -
I think this is a common argument from the knights of the control plane, "DoH is pointless because we don't have ESNI, and ESNI is pointless because we don't have DoH". I don't think it's a good argument. It is true we need ESNI though!
1 reply 1 retweet 23 likes -
But the order in which they are implemented does matter. DoH, in the current environment, is a net loss for privacy. The (centralized) DoH additionally gets all your metadata, while you can hide almost nothing from the ISP.
2 replies 1 retweet 3 likes -
Replying to @matthegap @taviso and
Another beef I have with DoH is that it enables the tracking networks to circumvent privacy enhancing technologies based on DNS like
@The_Pi_Hole , but that's a different subject.1 reply 1 retweet 2 likes -
Replying to @matthegap @taviso and
I really don’t understand this argument when the PR that disables Firefox DoH on a network level landed 6 month ago in Pi-Hole. If you’re running an up-to-date version that should be a non-issuehttps://github.com/pi-hole/pi-hole/pull/2915 …
1 reply 0 retweets 1 like -
That's nice, but only works for cooperating & well meaning applications like
@firefox . If you want to use DoH to evade blocking (like the Facebook SDK in a mobile app), you can and will ignore this indication.1 reply 0 retweets 0 likes
I don't follow, malware already can and does use custom protocols, what firefox does won't change that? https://attack.mitre.org/techniques/T1094/ …
-
-
That's why I said "different subject".
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.