Hacker News new | past | comments | ask | show | jobs | submit login

"How do you know this?"

Some 5 second basic investigation.

"Do you work for them?"

No.

"Is that true for all time in the past and the future?"

No. So what? What part of my argument don't you understand?

Also, given the reduction in privacy I just demonstrated above, what's your solution? I gave you one, which was put all websites behind cloudflare. That is a shit solution. I'm hoping you have a better one...?




So if you're right, then Pornhub is a bad example. I agree that ESNI won't help.

However, the reality that a large number of domains are on shared IP addresses, because they're either on some sort of CDN, or are using some sort of cloud-based load balancer etc. For these sites, ESNI certainly will make a difference. I'm not interested in an absolutist argument about how "thing" is useless because it doesn't work for a specific case. Don't let the perfect be the enemy of the good.

> Also, given the reduction in privacy I just demonstrated above

You've not demonstrated any reduction in privacy. "Privacy" as a bare concept is pretty meaningless - Privacy from whom? If I choose to give my DNS data to Cloudflare, that's my choice. Passing plaintext DNS traffic and hostnames on the wire removes my choice to restrict who I expose that data to.

> I gave you one, which was put all websites behind cloudflare. That is a shit solution. I'm hoping you have a better one...?

People have been sharing IPs on domains long before Cloudflare was invented.


> So if you're right, then Pornhub is a bad example. I agree that ESNI won't help.

You need to replace "won't help", with "makes matters worse" for that to be correct.

> "However, the reality that a large number of domains are on shared IP addresses,"

Also, the reality is that a large number of domains are not on shared IP addresses.

> "You've not demonstrated any reduction in privacy"

Incorrect. It's pretty straight forward:

1. Shared IP before ESNI: Increases the number of companies that get to see which website I'm visiting.

2. Non-Shared IPs before ESNI: Increases the number of companies that get to see which website I'm visiting.

3. Shared IP after ESNI: Changes which company gets to see which website I'm visiting.

4. Non-Shared IP after ESNI: Increases the number of companies that get to see which website I'm visiting.

1, 2 and 4 are all making matters demonstratably worse. 3 only makes matters "better" if you think that Cloudflare is a better custodian of your browsing data than your ISP, which is not always the case now, and will not always be the case going forwards. And until ESNI is in place, we're stuck on 1 and 2. So in the short term, Mozilla are definitely definitely making things worse for their users.

> People have been sharing IPs on domains long before Cloudflare was invented.

Also, people have been not sharing IPs on domains longer before CLoudflare was invented, and will continue to do so after DOH is the default. So lets drop this "ESNI will fix it" argument, as it doesn't work unless we centralise the web.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: