undefined | Better HN

0 pointsJohnFen6y ago0 comments

I don't understand your point. I'm certainly not solely focused on the unsophisticated ones, but those sorts are important too. And they're much more common as they include ad and other trackers.

0 comments

glennpratt6y ago

You want a warm blanket that you blocked some well known ad click tracker while having no real visibility overall. Security theater.

JohnFenOP6y ago

You would be correct if that were my attitude, but it's not. This is not a panacea, it's one component in a larger security posture.

shawnz6y ago

If DNS-based access control is not sufficient on it's own, then is it really worth it to block DoH (which could have other significant security and privacy benefits) just to retain the possibility of using it? Why not focus on improving those other, already necessary access control technologies and forget about abusing DNS for this purpose, so we get the best of both worlds?

1 more reply

j / k navigate · click thread line to collapse