Reply to post: "How could it bypass ad filters?"

Microsoft joins Google and Mozilla in adopting DNS over HTTPS data security protocol

LDS Silver badge

"How could it bypass ad filters?"

AdBlock may work until the browser let it work (see Chrome API changes to neuter them) - and you have to install it explicitly on each device you're using. Moreover not all software retrieving ads or sending slurped data is a browser and can be blocked with an add-in.

But using built-in DNS resolvers using their own DNS over HTTP means they will try to bypass ad filters employed at the DNS level like PiHole and the like.

PiHole & C. can be updated to support DoH too, but users will be required to be able to generate valid certificates, which is a "little" more complex than just setting the DNS IPs. Moreover as more software won't use the OS DNS settings (and the hosts file as well...), you'll need to change the settings in each of them. Sure, there will be group policies and the like, maybe, but it's not something most home and SOHO networks employ, and after all, they need to track what people do outside the office.

You can still try to block the DoH endpoints, but once they control the Internet DNS system good luck with that.

IP blacklists would still work - but once you control the DNS you can even keep on rotating the underlying IPs of your ads farms and make them far harder to block.

I see people who while believing to get some more secrecy, are giving away more privacy.

Google & C. will still give away data to law enforcing agencies, if people believe this will protect their little illegal activities from ISPs reporting they are utterly wrong.

Especially since these systems to answer quickly and avoid too much traffic across long-distance links use anycast and have systems answering in each country (or almost), so cops don't need to go much far to get the data, and don't really need to go through international agreements for requests.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020