> On Jul 14, 2018, at 9:27 PM, Stephane Bortzmeyer <[email protected]> wrote: > >> 1. Tor is vulnerable to DNS fingerprinting, particularly at the >> recursive resolver. Many Tor exits use Google public DNS (~40%, by >> exit throughput), > > I know this research but I don't see the point. You typically connect > to your DoH or DoT resolver by IP address so the resolver used by the > exit node is irrelevant. > > (Also, if you use a .onion, there is no exit node.) >
The work shows how intersection attacks are possible with the client IP. >> 3. Tor and .onion in particular have some pretty serious usability >> problems. > > Users typically don't interact directly with their DNS resolver, > unlike they like to use dig so, again, I don't see how it is related > to the problem. Exactly. They do, however, interact with the Tor Browser (and not well), and that’s exactly the point. -Nick _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
