Why Router manufacturers do not implement DoH/DoT in firmware?

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

nikr

Regular Contributor
I understand I can use merlin firmware for DoH/DoT, but just out of curiosity. It'll be a really nice security feature, which they can brag about. Its not like that they'll have to implement it from scratch, clients already exist. All they need to do is make sure it works with their firmware.
 

bbunge

Part of the Furniture
No, Merlin only has DoT. But I agree that DoT would be great in factory firmware!
 

det721

Part of the Furniture
Possibly because there really is no proven way to see if it truly works. I have tested it many times and it always not working as intended failing in one way or the other. Certainly better than nothing though. Also could be there are some browsers doing this as well.
 

AndreiV

Very Senior Member
No, FreshTomato has DoT as well. Same Stubby integration.

Read again, "Merlin only has DOT" as in has DOT but doesn't have DOH.
 

cptnoblivious

Regular Contributor
And if you think DNS over TLS will keep your actions private have a long read here

>>BUSTED , you visited PornHub <<


>> Another article <<

Specific to article 1: It is totally off point and shows a lack of understanding of the issues.

DoT is not meant to anonymize your traffic or hide your traffic from the ISP. It is meant to encrypt your Domain Name queries. That's it. And that's what it does.

You don't want you ISP to see that you go visit a site like PornHub? Great, use a VPN and some _other_ provider will see it, just not yours. This has been discussed many time, and it's sad to see that so many folks have such a poor grasp of how the different pieces fit.

If you really want to _try_ and be anonymous, move to TOR. Or maybe TOR through VPN. Or better yet, get a burner phone with data and use it as a hot-spot to access TOR over VPN. The rabbit hole goes pretty deep, and unless you're Edward Snowden, or living in a country with a repressive regime, I think people need to be reasonable about the approach but also understand that fundamentally, traffic is traceable and the internet was NOT build for people to be fully anonymous with no way to trace traffic back to them.
 

ColinTaylor

Part of the Furniture
Specific to article 1: It is totally off point and shows a lack of understanding of the issues.

DoT is not meant to anonymize your traffic or hide your traffic from the ISP. It is meant to encrypt your Domain Name queries. That's it. And that's what it does.
That's exactly the point that that article is making.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top