Memes

44094 readers

2578 users here now

Rules:

Be civil and nice.
Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago

MODERATORS

[email protected]

1059

Cough Cough... Chrome... Chough... (slrpnk.net)

submitted 2 months ago by [email protected] to c/[email protected]

145 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 2 months ago (1 children)

https://www.cloudflare.com/learning/dns/dns-over-tls/

If I understand it correctly DoH (which I use with NextDNS) should prevent ISP from snooping.

[–] [email protected] 1 points 2 months ago* (last edited 2 months ago)

It will prevent the ISP from snooping on, or tampering with, the DNS request. However when you go to use the IP you've retrieved via DoH/DoT; your first request establishing a TLS connection to that IP will contain an unencrypted SNI which states the domain you are trying to use. This can be snooped on by your ISP.