> Ok, you obviously don't believe DNS traffic needs privacy on the sole > basis, that there's a bigger fish in the pond. I have seen X-Files and > I choose to believe, let's leave it at that and move to the technical > side of things.
I am telling from my first message! And I am telling that your approach is also not useful because of several reasons Provided you and you appears that you did not read them. Sorry, I am not planning to repeating myself here. > > How did "all people in X country" get to my example? My IP address is > for example public. Can you get any meaningful information from the > name server about my lookups? Sure. NO. > Can you correlate my lookups to other people? Yup. I reiterate the DNS > traffic _isn't_ interesting for incriminating evidence, but it can tell > you at which servers to look for such evidence. > Because how can you tell which website to crawl? You can for example > traverse all newly registered domains, domains with an empty whois, but > you can observe a group of nodes interested in such websites. If they > have a good track record of looking up the address of the abusive > website each Friday night, there's a good chance that the thing they'll > be looking up the next time will be similar. Again, this sort of > information doesn't make them guilty, but a potential suspects and I do > not claim such thing. > :-) sorry we are agree on disagree, so I would no longer answer to this message. I think I repeated myself a lot. I keep telling you that NEXT traffic that is traffic from User X to server Y is what already the TU has (x can be a group of users or one user and y also can be a group of servers) and can analyze them all with no problem. So what you change here? Nothing. That traffic is running and TU sniffing it. So you just bother yourself to change your resolver IP address (hide them in what so ever way) but YOU did not hide the main source of traffic and you did not complicate the process of this TU. Please widen your scope and also look that what next traffics can be then probably you can understand my concern... TU doesn't want to crawl a website! For your case if TU only wants to focus on DNS traffic he needs to crawl a website but not for my case where TU SKIP DNS traffic and only check the real user traffics. This traffic clearly in a real-time tells TU what a group of users are interested are. Best, Hosnieh _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
