Oblivious DNS-over-HTTPS

I think some here will find this interesting…


This is 100% inaccurate “Apple and Cloudflare have jointly developed a new Internet protocol designed to protect your privacy, by preventing your internet service provider (ISP) from seeing which websites you visit”

ISP don’t need to be able to see your DNS info to know where you are going they can get that from the URI if it is not encrypted.

Hence why Google is also backing making encrypted URI the standard, they use words like security and privacy (which are not 100% false) to get general buy-in, however this is all about the money.

In the case of chrome DoH allows the browser to bypass the local systems DNS settings. While for a average home user this may not generally an issue in the corporate world it is a big deal. For now wee are able to redirect the DoH DNS queries at the edge to the DNS servers we want to force them to use but if they succeed in making encrypted URIs the standard that will become increasingly difficult.

Of course Cloudflare recently launched their Security as a Service platform, so none of this should be that suprising.