Security News

Cybersecurity news aggregator

LOW News David Bombal

How your ISP tracks you (even with encrypted DNS)

network-privacyisp-trackingdns-encryption
  • What: ISP can still track websites even with encrypted DNS
  • Impact: Users need a VPN for true online privacy
Read Full Article →

NOTE: DNS or HTTPS / Encrypted DNS won't make you invisible. Watch and find out. Some people believe that encrypted DNS makes them invisible, but is this video I use a live Wireshark capture to prove that your ISP can still see every website you visit. You will learn how to verify your own privacy leaks and a VPN are necessary to truly go dark on the wire. In this deep-dive network lab, we use Wireshark and a physical ethernet tap to expose the truth about modern web privacy. You will see firsthand how your ISP can still track every website you visit, even when using encrypted DNS (DNS over HTTPS) and TLS 1.3. We demonstrate how the Server Name Indication (SNI) field in the Client Hello packet leaks your destination in plain text. The video explores advanced privacy technologies like Encrypted Client Hello (ECH) in Firefox and Cloudflare, explains why these features often break corporate filtering, and proves why a VPN remains the only definitive way to hide your traffic from network snooping and government logging. // YouTube video REFERENCE // The one BIG mistake you are making with DNS security today: https://youtu.be/Rrr4HrI8E6g // Book REFERENCE // DNS & Bind 4th Edition US: https://amzn.to/4s8WaWm UK: https://amzn.to/4sztLbB // David's SOCIAL // Discord: https://discord.com/invite/usKSyzb X: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/@davidbombal Spotify: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ SoundCloud: https://soundcloud.com/davidbombal Apple Podcast: https://podcasts.apple.com/us/podcast/david-bombal/id1466865532 // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - DNS myths! 01:53 - Jump to the timestamps 02:16 - Debunking DNS myths 02:59 - Interviewing Cricket Liu // Pros & Cons of DNS 06:49 - DNS monitoring demo 10:33 - Changing DNS provider in Chrome 13:00 - Turning off Secure DNS in Chrome 14:43 - TLSv1.3 is still visible // What is SNI? 18:56 - DNS using CloudFlare 22:11 - What is ECH? 22:52 - TLSv1.3 is still visible continued 26:53 - IP address lookup 28:10 - Summary 28:58 - Will using VPN help? 31:32 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #dns #myths #privacy

Related Articles

INFO Your Fancy DNS Tricks Won’t Give You Privacy David Bombal INFO 3 risks of using clear DNS David Bombal INFO Built a header echo + TLS interception detector to score ISP-level surveillance — looking for feedback on the methodology Reddit r/netsec INFO Is It Always DNS? Wireshark Packet Analysis David Bombal
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn