Infinity-For-Reddit icon indicating copy to clipboard operation
Infinity-For-Reddit copied to clipboard
verified publisher icon Docile-Alligator

Feature request : DNS over HTTPS

Open yant0 opened this issue 4 years ago • 10 comments

a few country (like mine) decided to block access from reddit because they want to have "healty internet". This can be easily bypassed by using dns connection. I personally use cloudflare's dns service to browse reddit. But, i dont like the idea of using dns eveywhere since im a student and dont have money laying around to pay the extra data it costs to access a dns service. This feature would be helpful for people from blocked countries to surf reddit.

thanks

yant0 avatar Mar 19 '21 04:03 yant0

Wow. I will search google for how to do this first.

Docile-Alligator avatar Mar 26 '21 16:03 Docile-Alligator

But, i dont like the idea of using dns eveywhere since im a student and dont have money laying around to pay the extra data it costs to access a dns service. This feature would be helpful for people from blocked countries to surf reddit.

If you have a android phone over android 9 (android 9-12) then you can just use dns-over-tls in the settings of your phone. And it doesn't cost more data to use a dns service. :)

sami155 avatar Apr 09 '21 07:04 sami155

this request is pretty similar feature that chrome has which is secure dns. I dont like the idea of channeling my whole phone to dns all the time, and hopefully this feature will help those who dont have the dns setting on their phone.

yeah it doesnt but its slower. ive changed dns service thats closer to my country

yant0 avatar Apr 09 '21 08:04 yant0

Any updates on this? I would love to see the option to use DoH inside the app :)

ghost avatar Nov 28 '21 12:11 ghost

I dont like the idea of channeling my whole phone to dns all the time

@yant0 well I mean all of your requests go through a DNS server anyways, Android just uses Google DNS by default instead of Cloudflare DNS, there's nothing bad about changing it.

Also, I don't think that this can be added to Infinity, because this has to be supported by the network, the DNS server and the client, and not the app that makes the requests. The only thing that Infinity could theoretically do is force all network requests to go through Cloudflare DNS ore something else with DoH support, but that would be the same as you just using the Cloudflare app.

flexagoon avatar Dec 25 '21 23:12 flexagoon

I might have worded my previous comment wierdly, yes every request go through a dns.. at somepoint. Yes there is nothing bad about it but using another dns providers but possibly getting tracked more by those two providers give me less hope in privacy

And i dont quite understand what do you mean by network. I dont really know the technical knowhow to code things so excuse my irrational request. Since this post ive used a few apps that have DoH feature i dont know how it would be difficult to do. Those few apps uses AdGuard dns. Im not in a super strick policy country so i just want to surf reddit and they would bat an eye anyway.

In my original post. I used cloudflare dns.. the app doesnt have to use that exact dns. As long as its dns it would be fine

yant0 avatar Dec 27 '21 22:12 yant0

@yant0 you can just change the DNS server in phone settings. Then your data will only pass through that one.

And what I meant is that if the app forces its own DNS instead of using the system one in order to always support DoH, then you'll still be using two DNS servers, the app one and the system one

flexagoon avatar Dec 28 '21 04:12 flexagoon

@yant0 actually wait, probably DoH can be implemented on Infinity's side even without forcing a custom dns server, unless it uses some library to connect to Reddit API which doesnt allow this

flexagoon avatar Dec 28 '21 04:12 flexagoon

@flexagoon Android's Private DNS feature uses DNS-over-TLS. While it is good for network security administrators to monitor the traffic and all the other stuff, DoH is preferable for privacy IMO.

However, from a privacy perspective, DoH is arguably preferable. With DoH, DNS queries are hidden within the larger flow of HTTPS traffic. This gives network administrators less visibility but provides users with more privacy. source: https://www.cloudflare.com/en-in/learning/dns/dns-over-tls/

In some cases, it should be able to bypass censorship as well. My ISP blocks many sites, some of which can be surfed without any issues while using DoH in Firefox. For example, my ISP blocks redgifs(posts of which are very frequently posted on several subreddits). With DoH, I can easily surf redgifs. Meanwhile I can't surf it with DoT from the same DNS provider (in my case, cloudflare).

ghost avatar Dec 28 '21 09:12 ghost

@Kruger984 It is better in terms of anonymity (blending in with everyone else), but it's worse in terms of privacy (not exposing your personal data)

DoH contains metadata such as user-agent (which may include system information) that is sent to the DNS server https://tools.ietf.org/html/rfc8484#section-8.2

(Source)

So while the network admins will see that you're making a DoT query separately, they will not see any of your information

flexagoon avatar Dec 28 '21 12:12 flexagoon