logoalt Hacker News

Benderyesterday at 1:28 AM2 repliesview on HN

When all the authoritative servers support TLS I can enable TLS outbound but very few of them do at the moment. At some point someone is decrypting, turtles all the way down. I could of course just do DoT to another instance of Unbound somewhere else but I do not need to do that as my ISP does not care about my queries. I used to keep standby DoT Unbound servers around but I have never once seen a US ISP tinker with my traffic. If they did I would put up billboards saying they what they are doing.


Replies

aand16yesterday at 1:10 PM

Yours is not particularly problematic but I've always wondered how come advertising agencies allow highly controversial topics on their billboards in the US.

I know some (all?) EU advertisers deny creatives based on optics i.e. "our name and logo is on the billboard frame, we don't wanna get associated with topic X".

show 2 replies
abcdefg12yesterday at 9:09 AM

There is a bunch of public dnscrypt servers to which your client can randomly fan out encrypted queries.

show 1 reply