ape4 4 days ago

So many more layers than the original simple DNS protocol.

crote 4 days ago

"Simple" doesn't always mean "better". A car without seatbelts is less complicated than one with, but it definitely doesn't make it a better car.

Similarly, the original DNS protocol doesn't have any form of verification: it is trivially easy for a MitM attacker to alter the responses - or even for a non-MitM one to send spoofed responses "in the blind". It also doesn't have any form of confidentiality: it is trivially easy for a MitM attacker to log all the requests you make, which essentially means your entire browser history.

It takes an awful lot of hacking to turn classic DNS into something even remotely representing a mature and well-designed protocol. By the time you are done bolting on all the other stuff it really isn't all that simple anymore.

pixl97 4 days ago

Too bad ISPs are real dicks and capture all your DNS requests for tracking and resale.

UqWBcuFx6NV4r 4 days ago

OK. It is still there, and you are welcome to use it.