
> That's not the LAN.

It doesn't matter much that your LAN itself is trustworthy if the only way out of it isn't.

> You can put your own router behind theirs. It's ridiculous for them to make you do that but nothing actually stops you.

Yes, you can do that, but it doesn't do anything to help with the problem that DoH solves.

> For which anyone can use a VPN.

I want to live in a world in which you can have privacy without having to be on a VPN 24/7.

> To work around this, a piece of malware would have to contact some custom server on a different port to do a name lookup -- but where does it look up that server's IP address? Hard-coding the IP address allows the malware's lookup server to be blocked.

Couldn't it host a file with the IP on a service like Dropbox or GitHub Pages? People aren't likely to block them at the firewall.

> But if centralized DoH servers become too popular to block because blocking them breaks too many legitimate applications, now the malware can use them and the user can't block them.

Isn't this basically "privacy for computer programs is bad because malware benefits from it", which is wrong for the same reason that "privacy for people is bad because criminals benefit from it"?

> The question is, what are they doing with the data they collect?

What's your ISP doing with all of the data they collect from your insecure DNS queries? And if you're concerned about Cloudflare in particular, then just use some other DoH provider.

> There is already a "least wrong" answer: Use a VPN you trust and use your VPN's DNS or run your own. VPNs have plenty of competition, and you can set up your own on any hosting provider, which also have plenty of competition.

> This is basically the same thing as having Cloudflare do it over TLS, except that it's not centralized and remains in the control of the user, so is better.

Cloudflare doesn't have a monopoly on DoH. There's plenty of competition between providers for it too: https://github.com/curl/curl/wiki/DNS-over-HTTPS#publicly-av...

> It doesn't matter much that your LAN itself is trustworthy if the only way out of it isn't.

> Yes, you can do that, but it doesn't do anything to help with the problem that DoH solves.

Well sure it is, because if you know the ISP isn't trustworthy, then you can have your own local DNS server encrypt the DNS traffic to the upstream DNS server of your choosing.

> I want to live in a world in which you can have privacy without having to be on a VPN 24/7.

Something has to encrypt the DNS queries. Why is TLS/HTTPS any better than a VPN?

> Couldn't it host a file with the IP on a service like Dropbox or GitHub Pages? People aren't likely to block them at the firewall.

Those services will take down the page when it's hosting malware.

> Isn't this basically "privacy for computer programs is bad because malware benefits from it", which is wrong for the same reason that "privacy for people is bad because criminals benefit from it"?

The question is, privacy from who? Privacy from governments and corporations is good. Privacy from the device owner is bad.

> What's your ISP doing with all of the data they collect from your insecure DNS queries?

Nothing, when you configure your LAN or device to encrypt them.

> And if you're concerned about Cloudflare in particular, then just use some other DoH provider.

Hard-coding Cloudflare in multiple applications on multiple devices makes it arduous to do this, which is the entire criticism.


> Well sure it is, because if you know the ISP isn't trustworthy, then you can have your own local DNS server encrypt the DNS traffic to the upstream DNS server of your choosing.

Isn't DoH exactly the way to "encrypt the DNS traffic"?

> Something has to encrypt the DNS queries. Why is TLS/HTTPS any better than a VPN?

Because with a VPN, you need a VPN endpoint that costs somebody money to run. With TLS/HTTPS, there are no extra systems in the mix.

> Those services will take down the page when it's hosting malware.

Don't domains hosting malware get seized and taken down too?

> The question is, privacy from who? Privacy from governments and corporations is good. Privacy from the device owner is bad.

I 100% agree with this. DoH only provides the former, though.

> Nothing, when you configure your LAN or device to encrypt them.

Again, isn't DoH exactly the way to encrypt them?

> Hard-coding Cloudflare in multiple applications on multiple devices makes it arduous to do this, which is the entire criticism.

Other than Firefox, what applications currently have Cloudflare hardcoded as their default DoH provider?


> Isn't DoH exactly the way to "encrypt the DNS traffic"?

There are any number of ways to do it, the most relevant factor being that the user can choose which DNS server they want to trust, not which protocol you use.

> Because with a VPN, you need a VPN endpoint that costs somebody money to run. With TLS/HTTPS, there are no extra systems in the mix.

Someone is paying to run the DoH servers. You might also ask why they're doing so, for free, when that costs money.

> Don't domains hosting malware get seized and taken down too?

Malware often uses domains on foreign registries that are legally complicated to seize, so it only happens to the most serious offenders and can take a long time.

You also have vendor spyware which is not going to have its domain seized but is also not going to resort to GitHub Pages for name resolution.

> I 100% agree with this. DoH only provides the former, though.

It doesn't. If legitimate applications are using DoH to a server outside of the device owner's control without providing an expedient way to make them all stop, that server can't be blocked without breaking too many things, and then malware running on the owner's device can use it without being blocked or monitored.

> Other than Firefox, what applications currently have Cloudflare hardcoded as their default DoH provider?

When someone is setting a bad precedent it's reasonable to be concerned about what happens when others follow suit.
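The disagreement above turns on one defender-side question: can the device owner still see which hosts on the LAN resolve names outside the local resolver once encrypted DNS to shared public endpoints is in play? The following script is an added example, not code from any commenter; it runs a simple egress audit over a constructed connection log (timestamp, source, destination, destination port, protocol) and flags hosts that send plain DNS, DNS-over-TLS or suspected DoH anywhere other than the LAN's own resolver. The LAN range, the resolver address and the "known DoH endpoint" table are all assumptions using TEST-NET addresses; a real deployment would substitute its own resolver and the published addresses of the providers it cares about. The port-443 case is deliberately reported only as "possible", which is exactly the problem the thread describes: the same address may front ordinary websites, so it cannot be blocked outright.

```python
"""Audit a LAN connection log for hosts that bypass the local DNS resolver.

Added example; all addresses below are assumed/constructed (TEST-NET ranges).
"""
from collections import Counter
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")            # assumed LAN prefix
LOCAL_RESOLVER = ip_address("192.168.1.53")   # assumed address of the LAN's own resolver

# Assumed table of public encrypted-DNS endpoints the site wants visibility into.
# Placeholder addresses; not the real address of any provider.
KNOWN_DOH_ENDPOINTS = {
    ip_address("203.0.113.1"): "doh.example-provider-a",
    ip_address("198.51.100.1"): "doh.example-provider-b",
}

# Constructed sample log: "<timestamp> <src> <dst> <dport> <proto>" per line.
SAMPLE_LOG = """\
2024-01-01T10:00:00Z 192.168.1.20 192.168.1.53 53 udp
2024-01-01T10:00:01Z 192.168.1.53 203.0.113.1 853 tcp
2024-01-01T10:00:02Z 192.168.1.20 192.168.1.53 53 udp
2024-01-01T10:00:03Z 192.168.1.21 203.0.113.53 53 udp
2024-01-01T10:00:04Z 192.168.1.22 198.51.100.1 443 tcp
2024-01-01T10:00:05Z 192.168.1.22 198.51.100.1 443 tcp
2024-01-01T10:00:06Z 192.168.1.23 203.0.113.1 853 tcp
2024-01-01T10:00:07Z 192.168.1.20 203.0.113.80 443 tcp
"""


@dataclass(frozen=True)
class Finding:
    src: str
    dst: str
    dport: int
    kind: str


def classify(src, dst, dport):
    """Return a finding kind for one flow, or None if the flow is policy-conformant."""
    if src == LOCAL_RESOLVER:
        # The resolver's own upstream forwarding (e.g. DoT on 853) is the
        # sanctioned path out of the LAN; it is not a bypass.
        return None
    if dst == LOCAL_RESOLVER and dport == 53:
        return None                       # client using the LAN resolver as intended
    if dport == 53:
        return "plain-dns-bypass"         # cleartext DNS to somewhere else: visible to the ISP too
    if dport == 853:
        return "dot-bypass"               # DNS-over-TLS straight to an outside resolver
    if dport == 443 and dst in KNOWN_DOH_ENDPOINTS:
        # Ambiguous on purpose: the endpoint may also serve ordinary web traffic,
        # so this is a lead for investigation, not proof of DoH.
        return "possible-doh-bypass"
    return None


def audit(log_text):
    """Map each LAN host to the list of findings raised by its flows."""
    findings = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _ts, src, dst, dport, _proto = line.split()
        src, dst, dport = ip_address(src), ip_address(dst), int(dport)
        if src not in LAN:
            continue                      # only audit hosts on our own LAN
        kind = classify(src, dst, dport)
        if kind is not None:
            findings.setdefault(str(src), []).append(Finding(str(src), str(dst), dport, kind))
    return findings


def summarize(findings):
    """Count findings by kind across all hosts."""
    return dict(Counter(f.kind for host in findings.values() for f in host))


if __name__ == "__main__":
    result = audit(SAMPLE_LOG)
    for host, items in sorted(result.items()):
        for f in items:
            print(f"{host} -> {f.dst}:{f.dport}  {f.kind}")
    print(summarize(result))
```

On the constructed log the resolver's own port-853 forwarding is accepted, host .21 is flagged for cleartext DNS, .23 for DoT to an outside resolver, and .22 twice for port-443 traffic to a listed DoH endpoint; .20's ordinary HTTPS connection to an unlisted address raises nothing. The "possible" label is the practical residue of the thread's argument: once an endpoint is shared by DoH and general web traffic, the owner is left with monitoring and investigation rather than a clean block.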
