Also, when using a public VPN, because of shitty services you need to split tunnel a ton.
Once ReThinkDNS is ready, this could be done to a home router at least. But setting up DynDNS or even a domain is not scaleable at all, to normie people.
That one can be bypassed by using an own DNSSEC or DOT DNS provider I think.
This makes “compliance” captive portals even more annoying… in Germany, every public network has one, so that people accept that they are not responsible for whatever and log MAC addresses and whatever.
This requires to use DHCP advertised insecure DNS, great!
Arent there many cases of VPN leaks?
Also, when using a public VPN, because of shitty services you need to split tunnel a ton.
Once ReThinkDNS is ready, this could be done to a home router at least. But setting up DynDNS or even a domain is not scaleable at all, to normie people.
There are many problems with VPN on public networks. Here’s an example https://www.fortiguard.com/psirt/FG-IR-24-170
That one can be bypassed by using an own DNSSEC or DOT DNS provider I think.
This makes “compliance” captive portals even more annoying… in Germany, every public network has one, so that people accept that they are not responsible for whatever and log MAC addresses and whatever.
This requires to use DHCP advertised insecure DNS, great!