[-] achsonaja@lemm.ee 10 points 1 year ago* (last edited 1 year ago)

First build?! Jumped right into the deep end huh?

Edit: nice build and desk setup

[-] achsonaja@lemm.ee 1 points 1 year ago

How so? I’m using unbound locally for recursive DNS, but I’ll checkout what DNSCrypt adds since it seems like local encrypted DNS to the recursive servers.

Wouldn’t ECH still work with this setup and this setup be more secure since you’re not handing off your DNS requests to some other company?

[-] achsonaja@lemm.ee 5 points 1 year ago

Yeah I think it has the same limitations that pretty much anything not through a vpn has because you still have to tell your isp where to send the data. Your isp will still see some things, even if it’s encrypted (metadata, DPI, habits, and things beyond my knowledge). This sounds like a step in the right direction for the majority of people though, even if it’s minor.

I kind of see it like differentiating between them seeing lemmy.ml via this vs lemmy.ml/thing-i-want-private/peronal.html without it, but I could be wrong about that.

[-] achsonaja@lemm.ee 8 points 1 year ago

Does this rely on DOH? Seems like if I’m running my own recursive DNS that this won’t apply to me.

[-] achsonaja@lemm.ee 12 points 1 year ago

lol you’re right. I misread that, my bad.

[-] achsonaja@lemm.ee -3 points 1 year ago
[-] achsonaja@lemm.ee 3 points 1 year ago

Might be whooshing here, but that forest friend isn't in a forest. At best an urban jungle.

[-] achsonaja@lemm.ee 31 points 1 year ago

There’s no way engineers didn’t push this to production without testing.

That's quite an assumption

achsonaja

joined 1 year ago