Forum Discussion

LegacyOfherot's avatar
LegacyOfherot
Brass Contributor
Sep 09, 2019

Is there a plan to implement DNS over HTTPS?

I gather it is possible to enable it in Chrome by adding some extra runes on the command line, that didn't appear to work on Edge-dev. I don't have Chrome installed, obviously.   Cloudflare has a h...
HotCakeX's avatar
HotCakeX
MVP
Sep 09, 2019
I hope Microsoft adds DoH to the Edge insider too. it's gonna make it more secure.

though using Hosts file to block ads is not a good idea for everyone. totally useless when i use VPN or proxy or anything like that. they can Easily bypass the Windows Hosts file. also hard to keep it updated, everyday a new domain pops up in the list: https://filterlists.com
  • LegacyOfherot's avatar
    LegacyOfherot
    Brass Contributor
    Sep 09, 2019

    HotCakeX Agreed the hosts file isn't the ideal method, its part of a "defence in depth" approach. The advertrivia mongers, scammers and hackers are always always trying something new.

    My ideal browser would resolve via DNS over https, load the web page via https after checking the cert in depth - not just expiry date. It would block all tracking cookies, etc etc. The list goes on.

     

    I can't do it all myself, I have to rely on browser / OS developers to do it, and not rely on advertising revenue. If that means PAYING for software, fair enough (Gasp shock horror!)

    ...

    • HotCakeX's avatar
      HotCakeX
      MVP
      Sep 09, 2019

      LegacyOfherot 

       

      For the sake of security then i hope you're always using the latest Windows version.
      the current version of Windows security (a.k.a Microsoft Defender) has got everything needed for any consumer to stay safe.
      but you know, using VPN is also very important for security and anonymity.

      Microsoft Edge insider is very close to your ideal browser. you can turn on the tracker prevention and set it to balanced, then install ublock origin extension to block ads, malware, malicious links, prevent WebRTC IP leaks, block online embedded crypto miners in websites etc.

      the advantage of using ublock origin extension over Hosts file is that it's the best extension in its category, uses the least system resources and can update the filters list with just a press of button. And no VPN or Proxy can bypass that.

      it's so good that even TOR has incorporated it into their browser and Tails security OS.

      • LegacyOfherot's avatar
        LegacyOfherot
        Brass Contributor
        Sep 09, 2019

        HotCakeX Yes, I ensure all our PCs are up to date (Windows itself updates, often at inopportune moments.) In a previous life, I was the software dev manager at a small outfit, it was a constant juggle between keeping our machines up to date, while developing software that would run OK on customer's desktops / servers - it took a couple of years to convince one customer to upgrade their browsers from IE7 to IE 9 / 10... Corporate sysadmins are often very resistant to change - if it ain't broke etc.

         

        Defender does seem pretty good now, I also worked for Symantec, not in the Norton division, but we did get to try out dogfood versions of Norton 123 etc. I remember having a transatlantic call with a manager in the US as he was driving to work, I suggested they should use more modal dialogs - I sent a screenshot with 30 odd dialogs open, all offering "Ok", "Cancel" and "Save"  buttons... 🙂

         

        I also agree about VPNs - I use Opera quite a lot, with its built-in VPN and private mode, though of course they are now owned by China ltd, so its debatable how secure it is.

Resources