should Orbot include DNS forwarder backed by DNS-over-TLS

guardianproject / orbot

The Github home of Orbot: Tor on Android (Also available on gitlab!)

https://gitlab.com/guardianproject/orbot

Other

2.27k stars 338 forks source link

should Orbot include DNS forwarder backed by DNS-over-TLS #188

Open ingfabby opened 5 years ago

ingfabby commented 5 years ago

DNS-over-TLS (DoT) is now available on many nameservers, and at least three, large public ones 9.9.9.9, 8.8.8.8, and 1.1.1.1. DoT plugs a significant metadata leak: the domain in plain text. Starting in Android 9, Android itself supports DoT. Should Orbot itself include a DNS server that uses only DoT? If yes, then here is some related example code: https://github.com/gryphius/androdns

pgerber commented 5 years ago

This appears to be a duplicate of https://trac.torproject.org/projects/tor/ticket/28955. Left a comment there.