zlacker

[parent] [thread] 5 comments
1. bastaw+(OP)[view] [source] 2019-10-04 13:41:09
A lot of folks here seem to be saying "if you're going to make a DNS query, you're only going to make a HTTP request," which is simply untrue. Hell, you can add a HTML tag to your page to prefetch DNS queries. Browsers prefetch DNS just for hovering your mouse over a link or typing something into your address bar (without actually navigating). Should some DNS server know your IP address just because you moved your mouse over a link? IMO, no.
replies(1): >>jivetu+Fp
2. jivetu+Fp[view] [source] 2019-10-04 16:18:06
>>bastaw+(OP)
I don't understand what side you're taking here.

Please can you rephrase your argument. 100% serious, I'd like to know what point you're making.

Pre-emptively: because whatever DNS server you are using already knows your IP address, regardless whether it's the first query for the site itself, or subsequent queries for site-related additional resources.

replies(2): >>tracke+NK >>bastaw+Ae1
◧◩
3. tracke+NK[view] [source] [discussion] 2019-10-04 18:26:28
>>jivetu+Fp
If you hover your mouse over an ad linking to sketchy-service.com ... then the remote dns host for sketchy-service.com now has your IP address.
replies(2): >>jivetu+p11 >>joveia+J61
◧◩◪
4. jivetu+p11[view] [source] [discussion] 2019-10-04 20:13:10
>>tracke+NK
That seems neither here-nor-there for the 1.1.1.1 service.

Doesn't the browser's internal resolver use an external recursive server (either the host's configured ones or browser-determined ones)? Chrome does, AFAICT. As opposed to being a recursive resolver itself, it just implements a caching stub resolver.

The remote DNS host for sketchy-service.com doesn't see your IP address, they see the recursive server's address.

◧◩◪
5. joveia+J61[view] [source] [discussion] 2019-10-04 20:56:04
>>tracke+NK
Browsers can also prefetch pages under some circumstances (I'm not sure of the details). In that case, the web server for sketchy-service.com now has your exact IP address (vs. the truncated address encouraged by this extension). In firefox this can be prevented with:

network.dns.disablePrefetch True

network.prefetch-next False

◧◩
6. bastaw+Ae1[view] [source] [discussion] 2019-10-04 22:02:06
>>jivetu+Fp
My argument is that the "hiding your IP is pointless because the third party will get your IP anyway" is a nonsense argument. The DNS query being prefetched may have nothing to do with the current site you're on.

If I go to a page that links to a bunch of sketchy websites, I don't want my IP (and thus, identity) tied to those sketchy websites just because I hovered my mouse over the links.

[go to top]