Interesting People mailing list archives
Re How to keep your ISP's nose out of your browser history with encrypted DNS
From: "Dave Farber" <farber () gmail com>
Date: Wed, 11 Apr 2018 09:48:35 -0400
Begin forwarded message:
From: Christian Huitema <huitema () huitema net> Date: April 10, 2018 at 11:47:48 PM EDT To: dave () farber net, ip <ip () listbox com> Subject: Re: [IP] Re How to keep your ISP's nose out of your browser history with encrypted DNS In a recent mail forwarded to IP, Brett Glass wrote:The entire premise of this article is, sadly, incorrect -- and appears intended to promote a service via fearmongering. Using a different DNS server does not affect corporations' ability to snoop on one's browser history, since anyone who can see the source and destination IP addresses of a packet can perform reverse DNS on those addresses on its own.Actually, at least 60% of DNS lookups result in a CNAME record, and that fraction is growing. Instead of pointing directly to the named service, the CNAME is an alias. When you look them up, you find that they are pointing to content distribution networks like Akamai, Cloudflare and others, or to the "edge" points of big providers like Google, Facebook and others. A reverse lookup of the IP address will reveal for example that the destination is an Akamai service point, but it will not reveal which site the user is going to, since there are very many sites served by these CDN networks. Using encrypted DNS services like Cloudflare's 1.1.1.1 does hide a lot of information from the ISP. -- Christian Huitema -- This message was sent to the list address and trashed, but can be found online. at https://www.listbox.com/login/messages/view/20180410234804:21F86B4A-3D3B-11E8-B9A6-CC26BBF2EAA0
------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125 Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20180411094843:0A5D72C4-3D8F-11E8-BF80-BBC41502295C Powered by Listbox: http://www.listbox.com
Current thread:
- Re How to keep your ISP's nose out of your browser history with encrypted DNS Dave Farber (Apr 10)
- <Possible follow-ups>
- Re How to keep your ISP's nose out of your browser history with encrypted DNS Dave Farber (Apr 10)
- Re How to keep your ISP's nose out of your browser history with encrypted DNS Dave Farber (Apr 11)