Usually, when I read about Firefox, they’re doing something bad. This won’t make me switch back from Waterfox. Maybe.
I didn’t read the tech specs, but if it’s only masking DNS don’t bother. The IP address is all the ISP needs.
The only reason the internet grew so fast with free content is so you could be spied upon.
DoH won’t stop the data collection but it’ll likely make it more difficult.
- -
Good!
Well on second thought...I guess that would just tell you the farm...not the actual site (if it’s a shared site).
DuckDuckGo says they don’t track user activity. Have any Freepers even able to verify this?
Bump
The biggest problem with this entire scheme is that there is no provision in the DNS protocol for encryption. What they are doing is (ab)using the http protocol to route DNS queries to a third party, where the queries will originate. Seems to me that this is not going to do much for browsing speed, especially these days, as websites tend to be fairly complex with data and images actually being fed from separate servers, which entails multiple queries for a single page.
If they are concerned about the privacy issues surrounding DNS queries, they should submit an RFC to modify DNS query behaviour. I’m kinda thinking that’s going to be a hard sell though. DNS is designed to be a fairly simple protocol, and until fairly recently was primarily UDP traffic, which doesn’t even have error checking built into it. UDP packes are basically a fire-and-forget designed for speed and not even primarily for accuracy, much less privacy. There would be huge changes required in infrastructure to implement encryption beyond that already implemented in the DNSSec spec. Heck, DNSSec is such a pain in the ass to implement, that most sites don’t even bother with it.
I’m really not going to be happy with trying to troubleshoot yet another layer of complexity under what was supposed to be a fairly straightforward purpose. I’d be willing to bet that there are going to be both latency and caching issues involved in this. Is the browser going to retry as a standard UDP query if latency issues crop up?