Quick question about DNS and DoH that I thought about after reading this post:

https://packmates.org/@silvereagle@furry.engineer/111176886781705659

Wouldn’t it make sense for Firefox or another third party to bundle and transparently forward all DoH requests to cloudflare so that:

A) Cloudflare doesn’t know who made what request due to not knowing the origin

B) Firefox doesn’t know who made what request due to TLS

#Infosec #Privacy
CC: @privacyguides

  • FeelzGoodMan420@eviltoast.orgBannedEnglish
    1·
    2 years ago

    Just an fyi. DoH is a fucking nightmare for network management. For example, if you use a pihole on your network, you 100% do NOT want devices using encrypted DNS.

    • Azzy@beehaw.orgEnglish
      1·
      2 years ago

      Is it possible for devices to ask the pihole without doh, and the pi-hole to forward the request with doh if the domain isn’t in the cache?

    • toxicyeti@sh.itjust.worksEnglish
      0·
      2 years ago

      I’ve just started using their Zero trust stuff and so far I like it. Why should I not use them? What other options are better?

      • Free Palestine 🇵🇸@sh.itjust.worksEnglish
        1·
        2 years ago

        I meant Cloudflare DNS, I don’t understand why Firefox uses Cloudflare DNS when there are so many other great options like NextDNS. The reason why many people in the privacy community dislike Cloudflare or CDNs in general is because they are often hostile to VPN or TOR users, and they centralize the web.