
DNS-over-HTTPS privacy and security concerns - fanf2
https://godaddy.github.io/2019/09/04/doh-concerns/
======
jillesvangurp
I've had Doh enabled since Firefox added the feature. Zero issues; works
great. They are starting to roll this out by default for a small portion of
their users: [https://www.zdnet.com/article/mozilla-to-gradually-enable-
dn...](https://www.zdnet.com/article/mozilla-to-gradually-enable-dns-over-
https-for-firefox-us-users-later-this-month/)

Most of the privacy concerns seem related to the reduced ability of countries
and employers to control the browsing behavior of people. IMHO this is mostly
a good thing. I don't want to inform my government or employer of every
website I visit. Lack of their ability to do this is the whole point of DOH.
It's a feature not a bug. It's the reason I enabled it in my browser: it
improves my privacy and security.

~~~
rini17
In your case, who is the more-than-countries-employers trusted party on the
other end of DoH pipe?

~~~
jillesvangurp
Whichever dns provider I choose to trust. So definitely not any DNS server
operated by O2 (my provider). Aside from being slow; they hijack the dns erros
for ads. Also, I simply don't trust them to do the right thing.

------
badrabbit
This is a bit silly,they're complaining about browsers supporting their own
DoH resolution. You can configure DoH resolution at the OS level just like you
would with legacy DNS,or you could use legacy DNS on the LAN and use DoH for
upstream/Internet bound resolutions.

That said,I do agree that browsers being so presumptuous as to their role in
assuring privacy and interoperability with users' environment is not a good
thing for the internet. This is how you get regulated and this is one more
thing that will force corporations to mandate IE/Edge!

DoT at the OS level sounds great.

------
rini17
404 File not found

~~~
headalgorithm
Alternative link [https://uk.godaddy.com/engineering/2019/09/04/doh-
concerns/](https://uk.godaddy.com/engineering/2019/09/04/doh-concerns/)

