/g/ - Technology

install openbsd

[Make a Post]
[X]





Anonymized DNS Nanonymous No.8114 [D][U][F][S][L][A][C]
File: 8e253ecc3327bd515ae287462f087482944c640cd167ed1a37339e62713ffb16.jpg (dl) (76.17 KiB)
>DNS encryption was a huge step towards making DNS more secure, preventing intermediaries from recording and tampering with DNS traffic.
>However, one still has to trust non-logging DNS servers for actually doing what they pretend to do. They obviously see the decrypted traffic, but also client IP addresses.
>In order to prevent this, using DNS over Tor or over proxies (HTTP, SOCKS) has become quite common. However, this is slow and unreliable as these mechanisms were not designed to relay DNS traffic.
>A new step towards making DNS more secure has been made. Today, I am thrilled to announce the general availability of Anonymized DNSCrypt, a protocol that prevents servers from learning anything about client IP addresses.
>Available in dnscrypt-proxy now!
https://github.com/DNSCrypt/dnscrypt-protocol/blob/master/ANONYMIZED-DNSCRYPT.txt
https://www.reddit.com/r/dnscrypt/comments/dhoxah/anonymized_dns_is_here/

Nanonymous No.8115 [D][U][F]
File: f65bbda970e9fd0578a1e88dd5bdf1d76eceece87d3e306dab8de1e27f04d2ad.png (dl) (110.76 KiB)
Guess if I use that on top of tor it's just one more relay.

Nanonymous No.8116 [D]
finally.
reddit does something good for once

Nanonymous No.8119 [D] >>8120
this is good, but does it matter anyway if i use nothing but tor at all times?

Nanonymous No.8120 [D]
>>8119
If you care about speed, yes. AnonDNScrypt is supposedly very fast.

Nanonymous No.8121 [D] >>8135
all these attempts to make DNS more secure are retarded you fucking nignogs. dnssec and this retarded clusterfuck of "encrypted" DNS memes are all garbage and bloat. it's bad enough that we have to use DNS in the first place.
protip: nothing of importance ever actually required DNS to be "secure" in the first place

Nanonymous No.8129 [D] >>8131 >>8198
Just start content-addressing.
http://ipfs.io/

Nanonymous No.8130 [D]
I use tor-resolve then cache the resolution, nothing bad about it right?

Nanonymous No.8131 [D] >>8134
>>8129
What if you want to update the content though?

Nanonymous No.8133 [D][U][F] >>8135
File: 054da5fbfe1d62838483bf77b49aa3d3de10bdeec4019e43d3baa0a537842003.png (dl) (9.48 KiB)
DNS does seem pretty shit. I would like something similar to OnionV3 addresses that combine a name prefix with random characters.

Nanonymous No.8134 [D] >>8136
>>8131
There's IPNS for that.

Nanonymous No.8135 [D] >>8313
>>8121
>>8133
You both don't seem know what DNS is. Go read a fucking book or even the wikipedia.

Nanonymous No.8136 [D][U][F]
File: 2f2bc406de078007b772d56f1fd7379e39f848c6aa86b84b68fd9010a688ec5c.png (dl) (9.50 KiB)
>>8134
Wut?
https://en.wikipedia.org/wiki/.onion

Nanonymous No.8141 [D][U][F]
File: f25834e9c765cf814ce98aa95df9aca03277ccc1263f1b5e802fde133787e731.jpg (dl) (395.13 KiB)
That's actually pretty nice.
I mean, think about it:
a) Use some public DNSCrypt server as a server
b) Use a relay of your own (like a VPS somewhere)
Now even if glowers seize your relay, they won't know what you did look up unless they seize the server too and manage to get the unencrypted logs (compromising the short-term server key pretty much on the fly seems unlikely), and let's be honest here - it is highly unlikely it's going to be that bad, and the threat isn't about this - it's about greedy corporations datamining your DNS requests passively; and you don't even have to use your private relay if public ones are going to be available.
>use some arbitrary magic to wrap dnscrypt queries into queries for relays
TBH it seems so straightforward that I wonder if some haXors have been doing it for a while know, like, for personal privacy purposes, not for some illegal stuff.

Nanonymous No.8149 [D]
IPNS is not content based addressing. Make up your mind.

Nanonymous No.8198 [D]
>>8129
Once ipfs over Tor is working, I will.

Nanonymous No.8295 [D] >>8313
>using DNS over Tor or over proxies (HTTP, SOCKS) has become quite common. However, this is slow and unreliable as these mechanisms were not designed to relay DNS traffic.
no, it's not
DNS over Tor works great, I will continue to use it while flushing your CIA alternative into the toilet

Nanonymous No.8299 [D]
>DNS-Crypt proxy
What the fuck?
Why not something real like one of them cheesy DNS servers.

Nanonymous No.8313 [D]
>>8135
DNS is a piece of shit protocol that gives you some bullshit arbitrary string as an answer to some queries you do, like A, NS, etc. I think YOU don't know what DNS means since you're defending the idea of this retarded trash having some notion of """security and privacy""".
>>8295
>these mechanisms were not designed to relay DNS traffic.
what the actual fuck are you talking about? anyway, it doesn't matter. DNS is not meant to work and Tor is only a stopgap measure until the web finally dies

Nanonymous No.8416 [D]
>Cares about privacy
>Uses reddit
??????????????????????????????????