> On Apr 9, 2018, at 10:59 AM, Shumon Huque <shu...@gmail.com> wrote:
> The ODNS server can still easily collude with recursive server operators to 
> unmask the clients though, so I'm not sure how much privacy we've really 
> gained. At some point, it may be reasonable to ask why aren't clients 
> funneling their queries through a real anonymity network instead, like Tor, 
> or better.

Because Tor has exactly the same problem, but the intelligence agencies already 
have a ten-year head-start in setting up entry/exit nodes?

Still, I’m with Shumon on this…  It seems like a reasonable thing to do, but it 
only works as long as the entry and exit nodes are not affiliated…  If it 
provided any major privacy benefit, folks who wanted to deanonymize the traffic 
would just pay what it cost to set up both entry and exit nodes, and you’ll be 
right back in the jam that Tor is in.  So, I’m happy to support it, but it’s a 
layer of defense-in-depth, not a stand-alone solution.


Attachment: signature.asc
Description: Message signed with OpenPGP

dns-privacy mailing list

Reply via email to