(twitter.com)

1183 points robenkleene | 1 comments | 20 Oct 20 15:51 UTC | HN request time: 0.214s | source

Show context

paranorman ◴[20 Oct 20 16:02 UTC] No.24838948[source]▶

That’s annoying yet pretty predictable, at least we’ve still got https://pi-hole.net/ as an option until DNS encryption becomes widespread :/

replies(4): >>24839196 #>>24839381 #>>24840498 #>>24842893 #

buzzerbetrayed ◴[20 Oct 20 16:21 UTC] No.24839196[source]▶

>>24838948 #

Not a pi-hole user, but what is the plan for pi-hole once encrypted dns is everywhere? Will it just be dead? I can’t really think of a way for it not to be.

replies(7): >>24839311 #>>24839340 #>>24839349 #>>24839493 #>>24839565 #>>24840121 #>>24841388 #

Skunkleton ◴[20 Oct 20 16:30 UTC] No.24839349[source]▶

>>24839196 #

DoT isn't a big problem for a pihole, but it doesn't look like things are going that way. DoH can only be blocked by a mitm proxy. You would have to take a pretty serious security hit to do something like that with a pihole.

replies(3): >>24839429 #>>24840326 #>>24840851 #

1. MrMorden ◴[20 Oct 20 17:49 UTC] No.24840326[source]▶

>>24839349 #

Whitelisting would make it much more difficult for wildcat DoH. On the gripping hand, whitelisting is extremely annoying and tends to block more work-related-and-useful than software that is actually malicious.

↑

Apple's apps bypass firewalls like LittleSnitch and LuLu on macOS Big Sur