alt Hacker NewsWhen all the authoritative servers support TLS I can enable TLS outbound but very few of them do at the moment. At some point someone is decrypting, turtles all the way down. I could of course just do DoT to another instance of Unbound somewhere else but I do not need to do that as my ISP does not care about my queries. I used to keep standby DoT Unbound servers around but I have never once seen a US ISP tinker with my traffic. If they did I would put up billboards saying they what they are doing.
Replies
abcdefg12 • yesterday at 9:09 AM
There is a bunch of public dnscrypt servers to which your client can randomly fan out encrypted queries.
➕ show 1 reply
Yours is not particularly problematic but I've always wondered how come advertising agencies allow highly controversial topics on their billboards in the US.
I know some (all?) EU advertisers deny creatives based on optics i.e. "our name and logo is on the billboard frame, we don't wanna get associated with topic X".