this post was submitted on 23 Apr 2024
1050 points (97.0% liked)
Memes
45688 readers
480 users here now
Rules:
- Be civil and nice.
- Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The ISP can see every domain, but not every page. That's what HTTPS everywhere was all about.
And hopefully in the future they won't even he able to see the domain. I wonder why they never considered giving out certificates for IPs to solve this problem. Seemed like the easiest solution to me.
They need the IP address to know where to forward the packet to. Hard to avoid that without VPN or TOR.
There was a demo for a technology put out recently that circumvents this. I don't remember the exact mechanisms, but it obscured DNS such that your ISP couldn't see the DNS record you requested, and then used a proxy to route traffic before it hit the final endpoint eliminating exposing the IP to your ISP. It worked very similar to a VPN, but without the encrypted connection, and had some speed focused optimizations including the proxy being proximate to your ISP. It was pretty interesting.