Whatever that provider is, it can not be Cloudflare. Their DNS intentionally black holes domains in common use because they disagree with the sites' politics, and their entire business model is based on MitMing HTTPS connections.
On November 3, 2019 7:41:17 AM PST, Mark H Weaver <[email protected]> wrote: >Mark H Weaver <[email protected]> writes: > >> One possible solution would be to enable DNS-over-HTTPS, which I >believe >> is supported by IceCat-68 although it's disabled by default. See: >> >> https://support.mozilla.org/en-US/kb/firefox-dns-over-https >> >> Incidentally, I think that a case can be made that enabling this is a >> sensible default for most users, even when not using Tor, because it >> prevents the user's ISP from snooping on and hijacking DNS lookups. >> Whereas most users have little or no choice about their ISP, we can >> choose a default DNS-over-HTTPS provider that commits to a strong >> privacy policy. Also, the provider is user-configurable. However, >> I acknowledge that any such decision would be controversial. > >Incidentally, I just learned that the largest ISPs in the US are >currently fighting hard to prevent the roll-out of DNS-over-HTTPS. > >Here's an article by the Electronic Frontier Foundation on this issue: > >https://www.eff.org/deeplinks/2019/10/dns-over-https-will-give-you-back-privacy-congress-big-isp-backing-took-away > > Mark
