On Wed, Oct 20, 2010 at 4:47 PM, <[email protected]> wrote: > ... > : However, my ISP does not see the DNS requests (or the website since > : all traffic flows through the encrypted VPN). > > It depends on the VPN. Many vpns don't touch your dns settings, > therefore your local resolver sees the requests.
the reverse is not true, however. there are numerous side channels around host default nameserver entries set by VPN software or yourself manually (explicit resolver IP passed to host libs, or custom UDP DNS queries, or caching proxy query reflection, or. etc. "am I leaking DNS?" turns out to be a complicated question... > : If I am using Tor then all DNS resolution is done by the Tor exit > : node. No DNS requests leave my computer unencrypted - unlike in the > : previous two examples. > > If the apps are set to use tor correctly, yes. this is one reason why Tor Button or other privacy minded extensions and configurations explicitly disable bad plug-ins and mime types; this is useful for VPN users in general who want leakage resistant DNS privacy through their VPN provider DNS nameservers rather than ISP defaults. again, more complicated than it seems; devil in the technical details according to your uses and threats... best regards, *********************************************************************** To unsubscribe, send an e-mail to [email protected] with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
