
I do DoH with Pi-hole and Cloudflare (followed the Arch Wiki for all of that) but I think it’s silly. You don’t know what I’m resolving but you still know what IPs I’m visiting and can just look up their host names. What does it really do?



You can have multiple hostnames per IP (i.e. if you are using a site that uses Cloudflare).

That fact will make it very difficult to resolve hostname to IP address for anyone behind a CDN. That is the reason Comcast is fighting it.


Makes sense. Thanks. Then I’m glad I’m using it! I fell into the Arch Wiki black hole and an hour later had Pi-hole, DoH and OpenVPN all configured so all my devices including my iPhone go through my home internet and the Pi-hole. Pretty neat. No ads while mobile. I did have to do TCP on 443 since UDP and T-Mobile did not play nice together. I was too lazy to debug that though.


A fair chunk of internet content is hosted in the cloud. So while Comcast knows exactly what IPs you are talking to, they can't tell much else.

This prevents them from tracking your habits, selling that data, and creating or marketing competition. It also makes it harder to cripple the network for some specific competitor like YouTube or Netflix.

How else is Comcast going to hold its users hostage so Netflix has to pay extra to get the bits the customers paid to get?


The vast majority of relevant privacy-sensitive information is not IP addresses. The ISP can't read the full content of every page just from IP addresses.


I thought DoH would defeat the Pi-hole. Is this incorrect?


Check out the Pi-hole Arch Wiki. Tells you how to use DoH with Cloudflare. Takes 2 minutes.



