Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

They aren't possible for the network to unilaterally impose on unwilling users. They're still possible if the user actually wants it, by just setting their client's DoH server to one that does them.


A network suggests a DNS server

You can choose to use that server or not

If a network intercepts your DNS traffic, you can encrypt it yourself. If you don't trust the network you should be encrypting everything anyway


> You can choose to use that server or not

If you're not using DoH, a malicious network will just redirect your requests to legitimate DNS servers to instead go to its own.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: