Welcome to WebmasterWorld Guest from 34.229.24.100

Forum Moderators: open

DNS over HTTPS, it's privacy in excess

Seeking a balance is difficult

     
6:54 pm on Jun 10, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:9889
votes: 967


Since last year, organizations like Cloudflare, Google and Mozilla have been working to encrypt DNS queries by implementing a protocol called DNS over HTTPS, one of a handful of related web specs that aim to close privacy gaps that can expose network requests to potential scrutiny.


[theregister.co.uk...]

The saga of web security continues. Article reveals some roadblocks and some up/down sides...
9:52 am on June 11, 2019 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:2947
votes: 191


The IWF is exaggerating and using the wrong numbers.

Although DNS queries will be secure, ISPs will still be able to track what IPs people are connecting to. ISPs can use IPs for blocking instead and, as the article points out, providers will be able to record quries if necessary.

The proportion of child #*$! hosted in the UK has very little to do with what the IWF does or ISP blocking. They both restrict viewing in the UK. The reason people are less likely to host child #*$! in the UK is because of the criminal penalties for doing so, which would also apply to a hosting provider who was aware they were hosting it ( [legislation.gov.uk...] and the "obscene publication" section of this [jisc.ac.uk...] )
9:54 am on June 11, 2019 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:2947
votes: 191


The replacement of a word by punctuation characters is Webmaster World's doing, not mine.