I wish they would have used something like https://en.wikipedia.org/dns-query as the DoH endpoint instead of https://wikimedia-dns.org/dns-query, to make it way less feasible for networks to block wholesale.
8 comments
I wish they would have used something like https://en.wikipedia.org/dns-query as the DoH endpoint instead of https://wikimedia-dns.org/dns-query, to make it way less feasible for networks to block wholesale.
Very important to read the caveats. They can't stop some snooping and they can't stop black hole routing.
Is that different to any other public DNS provider?
No. I only say it because people often have heightened expectations of public interest services, and regrettably this is the one time I think it really matters to understand nobody can entirely hide your surface of visibility, despite the best of intentions.
Former discussions 2 years ago,
"Cloudflare's DNS service for families has been caught blocking LGBTQ content." What? Good God. Any more cluster f**s I do not know about?
For a company that has gone out of its way to repeatedly refuse to block straight up Nazi shit and a whole host of other scumbags stuff this is kind of wild but honestly tracks 100% with my perception of them based on observing Matthew Prince’s actions over many years.
Ganeti, still being used in the wild apparently