Hacker News new | past | comments | ask | show | jobs | submit login

If you think someone is watching your wire they will see what you connect to after resolving it. That's true if your ISP resolved it, Google resolved it or you resolved it. If this is a problem, you need a different solution altogether.

So because a snooping provider is irrelevant when we talk only about resolving DNS, that only leaves the choice of which party to the chain of entities that are able to easily snoop on your or not. If privacy is important, adding Google or any other DoT resolver to that chain is strange.

That's true if an IP only serves requests for a single domain. With ESNI it's now possible to connect to a server that hosts services for multiple domains without the domain being divulged in the clear on the wire.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact