On Tue, 14 Apr 2020 05:45:45 -0400
Lee <ler...@gmail.com> wrote:

> On 4/13/20, Celejar wrote:
> > On Mon, 13 Apr 2020 08:47:22 +0300
> > Reco <recovery...@enotuniq.net> wrote:
> >
> >> Hi.
> >>
> >> On Sun, Apr 12, 2020 at 07:46:38PM -0400, Lee wrote:
> >
> > ...
> >
> >> > I just did a quick search and couldn't find anything for smart TVs
> >> > using DOH.
> >>
> >> Probably because they aren't there yet. A typical smart TV is based on
> >> the Android, and Google haven't said their word about DOH so far.
> >
> > I suppose you mean DoH specifically, as opposed to DNS over TLS (DoT),
> > but just to clarify for the record, they have implemented the latter:
> >
> > https://blog.cloudflare.com/enable-private-dns-with-1-1-1-1-on-android-9-pie/
> > https://www.techrepublic.com/article/how-to-enable-dns-over-tls-in-android-pie/
> >
>
> Yes, DNS over HTTPS specifically is the concern. DNS over TLS uses a
> specific port (that they could change, yeah, i know) that I have
> blocked, so I'm not all that concerned about DoT.

Ah, I think I understand. But if you're really worried about bad guys:

> > 3) Bad guys and gals can hijack DNS too, to the usual hilarious results.
>
> And the bad guys and gals can use DOH to "hide" their traffic and
> circumvent things like pihole. I just did a quick search and couldn't
> find anything for smart TVs using DOH. Probably because my search
> skillz sux :(

why would they be limited by whatever the OS supports? Surely their
malware can easily include an internal DoH implementation, although I
suppose you'll at least be safer from malware that doesn't bother.

Celejar
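
The distinction discussed in this exchange, as an added example that is not part of the original message: a port rule catches DoT on 853, while DoH on 443 is caught only when the destination is on a resolver list, so a client with its own unlisted DoH endpoint passes as ordinary HTTPS. The function names, the resolver list and every address except 1.1.1.1 are assumptions constructed for the illustration.

```python
from ipaddress import ip_address

DOT_PORT = 853      # DNS over TLS has a dedicated port, so a port rule catches it
HTTPS_PORT = 443    # DoH shares this port with all other HTTPS traffic
LOCAL_RESOLVER = ip_address("192.0.2.53")   # constructed: the Pi-hole address
# Assumption: a locally maintained list of public DoH resolver addresses.
KNOWN_DOH = {ip_address("1.1.1.1")}

# Constructed flow records: (source host, destination IP, destination port)
SAMPLE_FLOWS = [
    ("smart-tv", "192.0.2.53", 53),        # normal lookup via the local resolver
    ("smart-tv", "198.51.100.8", 53),      # hard-coded DNS server, bypasses Pi-hole
    ("phone", "1.1.1.1", 853),             # Android "Private DNS" (DoT)
    ("laptop", "1.1.1.1", 443),            # DoH to a listed public resolver
    ("infected-pc", "203.0.113.77", 443),  # embedded DoH client, unlisted endpoint
]

def classify(dst, port):
    """Return the verdict the filtering policy gives one outbound flow."""
    dst = ip_address(dst)
    if port == 53:
        return "allow" if dst == LOCAL_RESOLVER else "block: DNS bypass"
    if port == DOT_PORT:
        return "block: DoT"
    if port == HTTPS_PORT and dst in KNOWN_DOH:
        return "block: listed DoH resolver"
    return "allow"   # includes any DoH the list does not know about

def audit(flows):
    """Classify every flow and return (host, dst, port, verdict) tuples."""
    return [(h, d, p, classify(d, p)) for h, d, p in flows]

def blind_spots(flows):
    """Allowed port-443 flows: where unlisted DoH would hide among HTTPS."""
    return [(h, d) for h, d, p, v in audit(flows)
            if p == HTTPS_PORT and v == "allow"]

if __name__ == "__main__":
    for row in audit(SAMPLE_FLOWS):
        print(*row, sep="\t")
    print("unverifiable 443 flows:", blind_spots(SAMPLE_FLOWS))
```

The last sample flow is allowed because nothing at the port or address level separates it from normal web traffic.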