On 2019-10-01 15:22, Stephane Bortzmeyer wrote:
On Tue, Oct 01, 2019 at 12:11:32PM +0200, Jeroen Massar <jeroen@massar.ch> wrote a message of 101 lines which said:
- Using a centralized/forced-upon DNS service (be that over DoT/DoH or even plain old Do53
Yes, but people using a public DNS resolver (of a big US corporation) over UDP is quite an old thing and nobody complained. I really wonder why there was so little reaction against OpenDNS or Google Public DNS and suddently a lot of outcry against DoH...
Those services the user decides on themselves. It is not a default in the browser.
You might also want to look into this amazing thing called Tor if you really want privacy.
I know it, and use it and it is awfully slow. Telling to people who want privacy that they need to adopt the difficult and costly (in performance) solutions made for iranian opponents won't help to improve security.
Then Tor is not for your purpose indeed. Use a VPN, or better switch ISP so that you do not keep paying an entity that you do not trust.
Noting that many ISPs are deploying both DoT and DoH next to Do53.
Fact-checking: could you name some? (I do not know even one.)
https://www.as15600.net/ And there are many others who have announced it. Greets, Jeroen