Interesting People mailing list archives

Re How to keep your ISP's nose out of your browser history with encrypted DNS

From: "Dave Farber" <farber () gmail com>
Date: Wed, 11 Apr 2018 09:48:35 -0400




Begin forwarded message:

From: Christian Huitema <huitema () huitema net>
Date: April 10, 2018 at 11:47:48 PM EDT
To: dave () farber net, ip <ip () listbox com>
Subject: Re: [IP] Re How to keep your ISP's nose out of your browser history with encrypted DNS

In a recent mail forwarded to IP, Brett Glass wrote:

The entire premise of this article is, sadly, incorrect -- and
appears intended to promote a service via fearmongering.

Using a different DNS server does not affect corporations' ability to
snoop on one's browser history, since anyone who can see the source
and destination IP addresses of a packet can perform reverse DNS on
those addresses on its own.


Actually, at least 60% of DNS lookups result in a CNAME record, and that
fraction is growing. Instead of pointing directly to the named service,
the CNAME is an alias. When you look them up, you find that they are
pointing to content distribution networks like Akamai, Cloudflare and
others, or to the "edge" points of big providers like Google, Facebook
and others. A reverse lookup of the IP address will reveal for example
that the destination is an Akamai service point, but it will not reveal
which site the user is going to, since there are very many sites served
by these CDN networks.

Using encrypted DNS services like Cloudflare's 1.1.1.1 does hide a lot
of information from the ISP.

-- Christian Huitema





-- 
This message was sent to the list address and trashed, but can be found online.
at https://www.listbox.com/login/messages/view/20180410234804:21F86B4A-3D3B-11E8-B9A6-CC26BBF2EAA0




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20180411094843:0A5D72C4-3D8F-11E8-BF80-BBC41502295C
Powered by Listbox: http://www.listbox.com

Current thread:

Re How to keep your ISP's nose out of your browser history with encrypted DNS Dave Farber (Apr 10)
- <Possible follow-ups>
- Re How to keep your ISP's nose out of your browser history with encrypted DNS Dave Farber (Apr 10)
- Re How to keep your ISP's nose out of your browser history with encrypted DNS Dave Farber (Apr 11)