Reply to post: Re: welp....

As netizens, devs scream bloody murder over Chrome ad-block block, Googlers insist: It's not set in stone (yet)

BlartVersenwaldIII
Black Helicopters

Re: welp....

Bear in mind that something else google (and others) want to do For Our Protection is bypass system DNS and have chrome talk to DNS servers directly over HTTPS:

https://developers.google.com/speed/public-dns/docs/dns-over-https

https://en.wikipedia.org/wiki/DNS_over_HTTPS

There are legitimate reasons for wanting to pass DNS queries in encrypted form, but this will also have the effect of neutering DNS-based ad blocking solutions external to the browser such as pi-hole or pfBlockNG - your browser will only talk to the DNS servers it's configured to talk to. It will also make it much harder to see what DNS traffic is occurring - you would essentially need a browser API to do be able to do that directly, as I suspect any implementation would fail if it detected any attempts to MitM the SSL (so you couldn't intercept the DNS by spoofing an 8.8.8.8 on your local network for example since it wouldn't have the requisite google cert).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019