Improving DNS Privacy with Oblivious DoH in 1.1.1.1

[RMerlin]

I read through the Cloudflare post, and quite frankly, this is a stupid idea. Yet another single point of failure introduced, more latency, and you are just shifting your trust into the hands of the one running the proxy.

DNS resolution is a core, low-level protocol that is critical to many Internet applications such as web browsing (which relies heavily on DNS resolution as the average website often has over a dozen of hostnames in need of DNS lookups). Every time you make it more complicated and you increase its latency, it will have a very visible negative impact on the user experience. DNS was originally designed the way it was for very good reasons:

- UDP based for the lowest latency possible
- Very simple and robust to reduce the chances of things breaking
- Highly redundant, you can use ANY nameserver in case your usual primary server went down (and you can typically use at least two different resolvers as a failover)
- Decentralized as much as possible, so you aren't forced to put all of your trust into the hands of one specific provider

Modern "solutions" are constantly throwing overboard all of these basic design principles, and they keep making things worse. DoT and DNSSEC were reasonable compromises because of the core issues they addressed. DoH makes it worse for no good reason (and enough already with the "it's the only way to avoid censorship", it takes just a few firewall configs to completely block DoH), and ODoH makes it even worse, once again for no real good reasons.

Seriously folks, start thinking of the Internet as a public place. Do any of you wear a costume and a full face mask whenever you go out shopping, because you don't want anyone else to know you went into this store or that store? Why is doing that so "important" on the Internet, but not important when you go out shopping? Do you go to a company's special building to hire someone to go into the supermarket for you, just so that supermarket won't know you shop at their place, but you trust that company's proxy buyer to respect your privacy better than the supermarket? This is exactly what is going on here with ODoH.

People are confusing "wants" with "needs" in this case. What you want does not always equal what you need, and what you need does not always equal what you want.

 

[cptnoblivious]

@RMerlin I don't think the supermarket analogy is all that apt.

If inside the supermarket they had people that followed you down every isle, kept track of every item you put in your cart, picked up or even glanced at, and then saved that info to send you targeted adds, that's uncomfortable and feels like an invasion of privacy even in a public place.

I'm in no way saying that we need to muck around with DNS, nor am I commenting on the new 'standards' vs. DNSSEC. I am saying that the amount that corporations know about us (nevermind ISPs or governments) is probably already too much.

Just one point for reference: https://www.forbes.com/sites/kashmi...teen-girl-was-pregnant-before-her-father-did/

Just my $0.02

 

[SomeWhereOverTheRainBow]

I read through the Cloudflare post, and quite frankly, this is a stupid idea. Yet another single point of failure introduced, more latency, and you are just shifting your trust into the hands of the one running the proxy.

DNS resolution is a core, low-level protocol that is critical to many Internet applications such as web browsing (which relies heavily on DNS resolution as the average website often has over a dozen of hostnames in need of DNS lookups). Every time you make it more complicated and you increase its latency, it will have a very visible negative impact on the user experience. DNS was originally designed the way it was for very good reasons:

- UDP based for the lowest latency possible
- Very simple and robust to reduce the chances of things breaking
- Highly redundant, you can use ANY nameserver in case your usual primary server went down (and you can typically use at least two different resolvers as a failover)
- Decentralized as much as possible, so you aren't forced to put all of your trust into the hands of one specific provider

Modern "solutions" are constantly throwing overboard all of these basic design principles, and they keep making things worse. DoT and DNSSEC were reasonable compromises because of the core issues they addressed. DoH makes it worse for no good reason (and enough already with the "it's the only way to avoid censorship", it takes just a few firewall configs to completely block DoH), and ODoH makes it even worse, once again for no real good reasons.

Seriously folks, start thinking of the Internet as a public place. Do any of you wear a costume and a full face mask whenever you go out shopping, because you don't want anyone else to know you went into this store or that store? Why is doing that so "important" on the Internet, but not important when you go out shopping? Do you go to a company's special building to hire someone to go into the supermarket for you, just so that supermarket won't know you shop at their place, but you trust that company's proxy buyer to respect your privacy better than the supermarket? This is exactly what is going on here with ODoH.

People are confusing "wants" with "needs" in this case. What you want does not always equal what you need, and what you need does not always equal what you want.

For those with an interest on why DoH has such a bad wrap, you can read about it here

DNS-over-HTTPS causes more problems than it solves, experts say

Several experts, companies, and national entities have voiced very convincing concerns about DoH and its features.

www.zdnet.com

The problem I have with the whole DNS Privacy seen is that it is not truly private as RMerlin has pointed out. The only reason this maybe appealing is to control government censorship.. Some countries do not believe in some of the same freedoms people observe in other countries. DoH is hard or next to impossible to detect and block. This is not in reference to the ISP. The ISP can still see what you do as there are other ways to track your traffic.(For example your non-private IP address). The big flaw in DoH is that it evades even security application measures put in place by adminitstators. You could be putting yourself at more risk simply by evading cyber-security measures that are implemented for your actual protection. Cyber Security measures are often put in place to redirect your traffic if it is in the presences of known malware. DoH puts the blinders on rendering these cybersecurity measures useless. (this is why it is important to use a DoH provider that replaces this missing security blanket.)

 

[RMerlin]

If inside the supermarket they had people that followed you down every isle, kept track of every item you put in your cart, picked up or even glanced at, and then saved that info to send you targeted adds, that's uncomfortable and feels like an invasion of privacy even in a public place.

This is already happening. For instance, most local supermarkets here have points cards that allows them to know which products people buy, and they send rebate vouchers based on their usual purchase habits. Nothing would technically stop them from also using facial recognition combined with security cameras to achieve the same. China for instance have large scale facial recognition cameras in place in some areas.

 

[RMerlin]

DoH is hard or next to impossible to detect and block.

The list of most DoH serers is known. Block port 443 access to all of these IPs.

 

[cptnoblivious]

This is already happening. For instance, most local supermarkets here have points cards that allows them to know which products people buy, and they send rebate vouchers based on their usual purchase habits. Nothing would technically stop them from also using facial recognition combined with security cameras to achieve the same. China for instance have large scale facial recognition cameras in place in some areas.

Some of it certainly is. Some stores may also track the MAC from your phone if it's WIFI is enabled as you walk around and it's scanning networks. And it wouldn't be hard to pair the two datasets.

But, you can only worry about so much before you start reaching for the tinfoil.

Still, the level of tracking isn't yet in the same league.

 

[thecheapseats]

<snip>Do any of you wear a costume and a full face mask whenever you go out shopping...<snip>

Does this covid-mask make my butt look big?...
(sorry man - couldn't resist - I live for punchlines)...

 

[AndreiV]

@RMerlin I don't think the supermarket analogy is all that apt.

If inside the supermarket they had people that followed you down every isle, kept track of every item you put in your cart, picked up or even glanced at, and then saved that info to send you targeted adds, that's uncomfortable and feels like an invasion of privacy even in a public place.

But that is exactly what they do. Store discount/club/loyalty cards and loyalty debit/credit cards all collect exactly that data about your spending and habits.

Every store that uses POS scanning systems at the tills stores every detail about your purchases and card details it is all listed and time stamped.

Retailers, suppliers and manufacturers use that data to make supply predictions. Your personal data is worth $ millions and is sold every day.

Supermarket chains offer club/loyalty cards where you earn points which you can exchange for discounts on goods. You register your card, they have your name, address, phone , email .......... they know ALL of your habits and preferences , the ages and gender of your children, when you are on holiday etc. They only do this for one reason , they make millions £ $ selling that data on to other companies.

In the UK, TESCO have predictive shopping , sign up and they analyse your shopping habits , then you walk in to the store on your chosen day and your "usual" shop will be ready for you in a box .

 

[AndreiV]

Does this covid-mask make my butt look big?...
(sorry man - couldn't resist - I live for punchlines)...

My neighbour got a black eye answering questions like that.

Wife, getting ready for a dinner party:

"Does this make my butt look big? "

Husband:

"Yes dear, but to be fair it is a very small bathroom"

He still sleeps on the couch.

 

[Deepcuts]

I read "Improving DNS privacy" but in my mind, I actually read "we are working on a way to serve more ads and bypass corporate filtering"
And to think there are people actually believing that somehow these "secure" DNS providers with their DoH and all the other acronyms are more trustworthy. "No, they will not use and sell my data. They actually care about user privacy and spent money on it because they are nice"

 

[Zastoff]

Looks like ODoH will be available soon thru DNSCrypt-proxy.

Link
&
Extra info