LiamPowell 3 days ago

Why is DoH in the browser more private than DoH in the OS?

DetroitThrow 3 days ago | parent | next [-]

It's all about whether you trust the OS to not track you when doing DoH at that level. In both mobile browser ecosystems, I can see why users of a browser would prefer the independent browser to do the DoH themselves, rather than leave it to the OS.

lucideer 3 days ago | parent | prev | next [-]

Because there are fewer actors to trust.

In the OS you need to trust (1) the OS vendor, (2) the client vendor & (3) any VPN app or HTTP intermediary that's integrated with OS network APIs.

In the client you need only to trust the client vendor.

e12e 3 days ago | parent [-]

Surely you're at the mercy of the hardware vendor and OS in either case?

Granted, the OS would need to read your address space, not simply supply a recording DNS API, but still...

lucideer 2 days ago | parent | next [-]

You're at the mercy of the hardware in all cases. You can't do anything without trusting some external party unless you make an apple pie from scratch, but reducing the number of parties needing trusting is usually a good security approach.

cogman10 2 days ago | parent | prev [-]

The hardware and OS in the case of DoH only get the IP address for the connection. It's not horribly hard to figure out who owns that IP address, but it's definitely harder than just reading a domain name.

add-sub-mul-div 3 days ago | parent | prev [-]

It's not Google. My heuristic is that the bigger the tech giant the more sophisticated, indirect, and obfuscated the sharing/selling of data.

benoau 3 days ago | parent [-]

The fact that Google has incurred over $3 billion in fines in recent years specifically for infringing people's privacy should be a consideration!