mullvad / mullvadvpn-app

The Mullvad VPN client app for desktop and mobile
https://mullvad.net/
GNU General Public License v3.0

DNS over Tor [Feature request] #6483

Open jan-kleks opened 3 months ago

jan-kleks commented 3 months ago

I have checked if others have suggested this already

Feature description

It would've been great if your DNS servers offered an option to run over Tor, like this: https://developers.cloudflare.com/1.1.1.1/other-ways-to-use-1.1.1.1/dns-over-tor/

Tor Browser does not recommend using adblocking plugins for security reasons, but using an adblocking DNS Tor server would have been a nice alternative.

Alternative solutions

Using Mullvad Browser

Type of feature

Operating System

Rubber-Duckie commented 1 month ago

Could you explain the threat model behind this?

If you connect to DNS over the Tor network to obtain an IP, but then connect directly to the website over the VPN, the website you connect to will see the IP of your VPN exit node and the VPN knows the IP you requested.

How is that better than using:

A. DoH or DoT over the VPN?

B. Mullvad VPN Relay servers themselves?

A. The DNS server will only see your VPN IP address, not your real IP, so you're hidden - but they might keep logs in any event for future law enforcement.

B. Mullvad will see your DNS request, but even if they did not see your DNS request because you used Tor or DoH/DoT, Mullvad could simply perform a reverse DNS lookup on the IP you used anyway to get the DNS address you are navigating to, so you're no better off.