this post was submitted on 13 Jul 2024
38 points (100.0% liked)

Privacy

32120 readers
399 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I am wondering if an ISP or network admin on my network would be able to change where a DNS server is located at (ex: if a DNS server is located at 132.192.175.210, the ISP/netadmin can redirect it to their own server at 11.29.102.201 to change where the DNS records point to). Does DNSSEC and DoH/DoT combat this, and how? Why is it safe to use a domain for DoH/DoT if it requires going through insecure DNS to get to a secure DNS?

you are viewing a single comment's thread
view the rest of the comments
[–] adespoton@lemmy.ca 2 points 4 months ago

The other thing to consider of course is that if you use DoH/DoT, you still have to trust THAT DNS authority. All you’ve guaranteed is that a secure lookup and response transaction has hit their server, not that their server is providing an authoritative result and the operator isn’t storing/selling your requests.