Why Router manufacturers do not implement DoH/DoT in firmware?

[nikr]

I understand I can use merlin firmware for DoH/DoT, but just out of curiosity. It'll be a really nice security feature, which they can brag about. Its not like that they'll have to implement it from scratch, clients already exist. All they need to do is make sure it works with their firmware.

 

[bbunge]

No, Merlin only has DoT. But I agree that DoT would be great in factory firmware!

 

[Deleted member 22229]

Possibly because there really is no proven way to see if it truly works. I have tested it many times and it always not working as intended failing in one way or the other. Certainly better than nothing though. Also could be there are some browsers doing this as well.

 

[gp-se]

Synology does DoH in the newer firmware versions.

 

[Tech9]

No, Merlin only has DoT.

No, FreshTomato has DoT as well. Same Stubby integration.

 

[AndreiV]

Be careful what you wish for .

>> DOH is a problem not an answer <<

 

[AndreiV]

And if you think DNS over TLS will keep your actions private have a long read here

>>BUSTED , you visited PornHub <<


>> Another article <<

 

[AndreiV]

No, FreshTomato has DoT as well. Same Stubby integration.

Read again, "Merlin only has DOT" as in has DOT but doesn't have DOH.

 

[cptnoblivious]

And if you think DNS over TLS will keep your actions private have a long read here

>>BUSTED , you visited PornHub <<


>> Another article <<

Specific to article 1: It is totally off point and shows a lack of understanding of the issues.

DoT is not meant to anonymize your traffic or hide your traffic from the ISP. It is meant to encrypt your Domain Name queries. That's it. And that's what it does.

You don't want you ISP to see that you go visit a site like PornHub? Great, use a VPN and some _other_ provider will see it, just not yours. This has been discussed many time, and it's sad to see that so many folks have such a poor grasp of how the different pieces fit.

If you really want to _try_ and be anonymous, move to TOR. Or maybe TOR through VPN. Or better yet, get a burner phone with data and use it as a hot-spot to access TOR over VPN. The rabbit hole goes pretty deep, and unless you're Edward Snowden, or living in a country with a repressive regime, I think people need to be reasonable about the approach but also understand that fundamentally, traffic is traceable and the internet was NOT build for people to be fully anonymous with no way to trace traffic back to them.

 

[ColinTaylor]

Specific to article 1: It is totally off point and shows a lack of understanding of the issues.

DoT is not meant to anonymize your traffic or hide your traffic from the ISP. It is meant to encrypt your Domain Name queries. That's it. And that's what it does.

That's exactly the point that that article is making.