zlacker

[parent] [thread] 2 comments
1. adql+(OP)[view] [source] 2023-08-02 16:41:04
User will navigate to the site and show their own IP anyway. You achieved basically zero increase in privacy while making any competitor have problems with any of their users that use 1.1.1.1

And any malicious client that tries to leak data via DNS can just ask for DNS record like my-ip-is-7.8.9.0.example.com and completely go around that privacy "enhancement".

Sorry but the "privacy" here looks like smokescreen to stifle competition.

replies(1): >>lolind+49
2. lolind+49[view] [source] 2023-08-02 17:20:02
>>adql+(OP)
The concern isn't that the website will know the IP, it's that every single entity on the network between Cloudflare and the authoritative DNS server (most or all of which will not be operated by the website) will know it.

It still may not be the right decision, but it's important to frame the trade-off correctly.

replies(1): >>sXgC6d+nO1
◧◩
3. sXgC6d+nO1[view] [source] [discussion] 2023-08-03 01:33:51
>>lolind+49
So just don't send ECS on any query except once you get to the public-suffix's NS...

Every element on the network between the user and the website will know it, too.

[go to top]