Yesterday I had the pleasure of looking deeper into the upcoming DNS over HTTPS (or DoH). It will ensure that just like your traffic, the websites you visit can't be monitored nor easily censored by your ISP or any intermediary. It's a long overdue idea which I'm delighted to hear is finally happening! There's one piece of information I haven't been able to find regarding its privacy capabilities, and I'd very much like to know this for my curiosity.
I'm aware that with DoH, your ISP is unable to see the DNS request for the website you're visiting. But can they still see the IP address of that website as you're transferring data to / from them, and know which server you're communicating with in the end? Or will they have no idea which IP you are talking to either, other than of course the DoH provider itself (Google / Cloudflare / etc)?
Note that this is excluding deep packet inspection: that more or less counts as breaking encryption and is a different story. I'm referring to whether the ISP can see any information which identifies the server you're talking to in plain text, and has any way to tell "this user is accessing a machine belonging to blablabla.com".