| ▲ | e12e 3 days ago | |
Surely you're at the mercy of the hardware vendor and os in either case? Granted, the os would need to read your address space, not simply supply a recording DNS API, but still... | ||
| ▲ | lucideer 2 days ago | parent | next [-] | |
You're at the mercy of the hardware in all cases. You can't do anything without trusting some external party unless you make an apple pie from scratch, but reducing the number of parties needing trusting is usually a good security approach. | ||
| ▲ | cogman10 2 days ago | parent | prev [-] | |
The hardware and OS in the case of DoH only gets the IP address for the connection. It's not horribly hard to figure out who owns that IP address, but it's definitely harder than just reading a domain name. | ||