I read a bit about using a different DNS for Privacy and I think the best one should be quad9? Or is there anything better except self hosting a DNS?

  • @[email protected]OP
    link
    fedilink
    English
    31 year ago

    As far as I read (I’m no expert!) they could check the SNI of the TLS handshake if they want. But using the DNS of the ISP is handing them the data right in a way they can analyze/use them very easily afaik?

    Still learning about this topic!

    • @[email protected]
      link
      fedilink
      English
      21 year ago

      They route your traffic, hence they can see all IP addresses you communicate with. With a reverse lookup you can then usually find out the address too.

    • @bazsy
      link
      English
      11 year ago

      The header of a Http request always contains the domain unencrypted because it’s possible to host many different websites on the same IP. So this information is needed before the encrypted tunnel is built up.