One additional idea, along similar lines, might be to compare the results of standard DNS with Tor'd DNS for all DNS lookups and create a log file with any discrepancies...
In other words, if/when there is a difference, log that.
You would lose DNS privacy with this method, but, if you were say, in China, and your regular non-Tor'd DNS was blocked or re-routed (whether accidentally or intentionally) then at least your log file would tell you that something was up...
In fact, it might be an interesting experiment for an Internet researcher to gather as many domain names as possible, then look them up via both regular DNS and Tor'd DNS, and note any discrepancies...
And, the same experiment could be repeated in different countries...
In China it's more like DNS over shadowsocks proxy to the tor network.
The Chinese are oppressively good at inspecting packets. I fear they'll start exporting the tech and skills eventually to the most evil leaders on Earth as just another export. Tor is somewhat out of reach for the average Chinese whistleblower.
I missed this when it was first announced. Does anyone know if the Tor Browser by the Tor folks has this built in or available as an option? Or whether the Tor developers themselves have thoughts on using .onion based DNS Servers?
Why would any Tor user care whether their resolver supported a "DNS security" scheme controlled by governments? Even if you like DNSSEC, how would that be a coherent POV?
8 comments
[ 3.1 ms ] story [ 22.4 ms ] threadOne additional idea, along similar lines, might be to compare the results of standard DNS with Tor'd DNS for all DNS lookups and create a log file with any discrepancies...
In other words, if/when there is a difference, log that.
You would lose DNS privacy with this method, but, if you were say, in China, and your regular non-Tor'd DNS was blocked or re-routed (whether accidentally or intentionally) then at least your log file would tell you that something was up...
In fact, it might be an interesting experiment for an Internet researcher to gather as many domain names as possible, then look them up via both regular DNS and Tor'd DNS, and note any discrepancies...
And, the same experiment could be repeated in different countries...
The Chinese are oppressively good at inspecting packets. I fear they'll start exporting the tech and skills eventually to the most evil leaders on Earth as just another export. Tor is somewhat out of reach for the average Chinese whistleblower.
A problem with that is the CCP are conspiring with other totalitarian hellholes to force that kind of Internet onto the rest of the world.
Already happening. https://www.reuters.com/article/us-global-internet-surveilla...
Although some protocols are missing for example DoX: https://xmpp.org/extensions/xep-0418.html
https://egberts.github.io/egberts/articles/public-nameserver...