• pandacoder@lemmy.world
        link
        fedilink
        English
        arrow-up
        16
        ·
        1 year ago

        I mean this only routes a small amount to their servers, the actual data to use a website isn’t sent to 8.8.8.8.

        • Kayn@dormi.zone
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          What is Google gonna get from encrypted HTTPS requests that they don’t already get from the associated DNS requests?

          • pandacoder@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            A more granular view of your actual traffic/usage habits.

            Let’s say a page you visit embeds a Tweet, you’ll end up firing off a DNS request for twitter.com, and at least one request to load data from Twitter.

            Now let’s say you actually use Twitter. The DNS request will be the same, and you will have many requests to Twitter to load data.

            In both situations a DNS request is sent off, so the DNS provider knows you probably loaded something but they are going to have a harder time understanding if you are a Twitter user or if you are just frequenting a website with Twitter embeds. However the network provider that can see to what servers the HTTPS request for data are going will see just how often you are actually connecting to Twitter and the size of the transferred data and can build an incomplete but still far more detailed picture of your habits, and they would be able to tell the difference between an only-embed viewer and a regular Twitter user.

            Additional dystopian future possibility:

            Also, for anyone with objectively nefarious future goals, even if the data is encrypted, if one day we are indeed able to break encryption en masse the DNS provider can’t decrypt data they don’t have but the network provider definitely could.

      • Skull giver@popplesburger.hilciferous.nl
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        That wouldn’t be a problem if more clients supported ODoH. Then even Google wouldn’t know the domains you’re looking up.

        Then again Google’s tracking libraries are everywhere so it’s not like they need a VPN or DNS to stalk you.