this post was submitted on 23 Apr 2024
1050 points (97.0% liked)

Memes

45629 readers
1113 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
1050
Cough Cough... Chrome... Chough... (slrpnk.net)
submitted 6 months ago by Sunny@slrpnk.net to c/memes@lemmy.ml
152 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[โ€“] WereCat@lemmy.world 1 points 6 months ago (1 children)

https://www.cloudflare.com/learning/dns/dns-over-tls/

If I understand it correctly DoH (which I use with NextDNS) should prevent ISP from snooping.

[โ€“] Darkassassin07@lemmy.ca 1 points 6 months ago* (last edited 6 months ago)

It will prevent the ISP from snooping on, or tampering with, the DNS request. However when you go to use the IP you've retrieved via DoH/DoT; your first request establishing a TLS connection to that IP will contain an unencrypted SNI which states the domain you are trying to use. This can be snooped on by your ISP.