@SloppilyFloss@lemmy.ml to Technology@lemmy.ml • 3 years agoWhy not use DNS over HTTPS (DoH)?www.bsdhowto.chmessage-square7fedilinkarrow-up114arrow-down10
arrow-up114arrow-down1external-linkWhy not use DNS over HTTPS (DoH)?www.bsdhowto.ch@SloppilyFloss@lemmy.ml to Technology@lemmy.ml • 3 years agomessage-square7fedilink
minus-square@peppermint@lemmy.mllinkfedilink1•3 years agoSNI easily gets uncovered with even the most rudimentary DPI I would think.
minus-square@federico3@lemmy.mllinkfedilink1•3 years agoYes and also, even with ESNI or domain fronting in use, the IP addresses are still a dead giveway. There’s no protection from that.
minus-square@peppermint@lemmy.mllinkfedilink0•edit-23 years agoTrue, though looking at my tcpdump tor/i2p nodes generate a lot of fake interactions. unless you connect to snapcraft.io or like that every 15 minutes you aren’t that obvious.
SNI easily gets uncovered with even the most rudimentary DPI I would think.
Yes and also, even with ESNI or domain fronting in use, the IP addresses are still a dead giveway. There’s no protection from that.
True, though looking at my tcpdump tor/i2p nodes generate a lot of fake interactions. unless you connect to snapcraft.io or like that every 15 minutes you aren’t that obvious.