Why have Plusnet blocked secure DNS?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Everything else
- :
- Re: DNS over TLS (Private DNS) on Android suddenly...
Why have Plusnet blocked secure DNS?
18-07-2020 1:40 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I'd really prefer not to have my security choices dictated to me.
DNS over TLS (Private DNS) on Android suddenly stopped working overnight
17-07-2020 10:00 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: DNS over TLS (Private DNS) on Android suddenly stopped working overnight
17-07-2020 3:35 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Just tested it at my mother's house on her Plusnet ADSL, connected via WiFi and it works. I'll raise a ticket
Re: Why have Plusnet blocked secure DNS?
18-07-2020 1:50 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Why have Plusnet blocked secure DNS?
18-07-2020 4:12 PM - edited 18-07-2020 4:18 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Presumably it gets blocked because Plusnet can't tell which https web sites you are visiting, other than via your DNS requests?
BTW I have a longstanding setting for Firefox:-
Note that I allow my router to have their rubbish settings.
"In The Beginning Was The Word, And The Word Was Aardvark."
Re: Why have Plusnet blocked secure DNS?
18-07-2020 4:23 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Why have Plusnet blocked secure DNS?
19-07-2020 1:35 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@Swipe wrote:
Your post is not really relevant to the thread which is, why has DNS over TLS been blocked
@VileReynard 's first sentence answered your question - presumably because plusnet can't see what sites you're visiting.
The rest of his reply is a bit irrelevent yes, however the first sentence said it all.
Re: Why have Plusnet blocked secure DNS?
19-07-2020 6:22 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
It would be nice if someone from Plusnet would chime in with a response.
Re: Why have Plusnet blocked secure DNS?
19-07-2020 12:03 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@VileReynard wrote:
Presumably it gets blocked because Plusnet can't tell which https web sites you are visiting, other than via your DNS requests?
But why would PN want to know that? Other than routing, obv.
Re: Why have Plusnet blocked secure DNS?
19-07-2020 1:26 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
As pointed out by@Swipe , my response was not relevant to this topic.
However, Plusnet are required to record all web sites visited by you:-
or https://en.wikipedia.org/wiki/Data_retention#United_Kingdom
On the original topic:-
There is a difference between DNS over TLS and DNS over HTTPS.
DNS over TLS uses its own port and so can be blocked or firewalled by servers [or Plusnet]. DNS over HTTPS just uses the standard https port.
https://www.cloudflare.com/learning/dns/dns-over-tls/
"In The Beginning Was The Word, And The Word Was Aardvark."
Re: Why have Plusnet blocked secure DNS?
19-07-2020 11:06 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@kev51773 wrote:
But they also couldn't see it if I used DNS over HTTPS, or even just used a VPN.
It would be nice if someone from Plusnet would chime in with a response.
If they blocked https most of the internet would studdenly stop working for plusnet users - everything from webmail to paypal (and other payment websites).
HTTPS cannot be blocked for that very reason - and as it's encrypted, plusnet can't filter out the dns requests to block them.
VPN is also not easy to block - many employers use VPN connections to let their staff access the corporate network remotely eg from home. Infact you could argue that a VPN works in a very similar way to an ISP (and thus should log all traffic).
DNS that is unencrypted is not really blockable either - by corporate firewalls at least. That's how some people manage to use VPNs to escape work - the vpn using dns requests to a vpn server which sends back data in the reply - that data being the vpn packets instead of actual dns query replies.
As for plusnet replying, that's just not going to happen. They don't like admitting to negativity or restricting their customers abilities online.
Re: Why have Plusnet blocked secure DNS?
20-07-2020 3:47 PM - edited 20-07-2020 3:57 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I get that they are required to keep a list of sites visited. Or at least they are required to attempt to keep a record (since there are myriad ways are avoiding there tracking which cannot be prevented). What they're doing here is the equivalent of banning people from locking there doors in case the police want to pop in for a random unannounced visit.
Works great for the police.... Or for anyone else.
Sadly, that's another ISP on the blacklist. Roll on end of contract.
Re: Why have Plusnet blocked secure DNS?
on 20-07-2020 4:46 PM - last edited on 20-07-2020 5:31 PM by Mav
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
For what it's worth, I've just raised it as a ticket. I'll report back when they respond.
Re: Why have Plusnet blocked secure DNS?
20-07-2020 11:54 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@kev51773 wrote:
When did we reach a stage where ISP's were actively working against security..
When everyone decided to ignore it rather that sign digital petitions because "everyone else will deal with it".
That's usually the case. We've seen it with Covid too but people who are part of the problem still can't accept it and ask why others have screwed it up.
Re: Why have Plusnet blocked secure DNS?
21-07-2020 12:53 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@kev51773 wrote:
When did we reach a stage where ISP's were actively working against security.
For a long time the politicians were happy logging IP addresses (like in the films), so when they found out about multiple web-sites sharing an IP address they got upset.
Control freakary and security considerations don't go together very well.
Actually, I blame uncritical acceptance of the Internet Watch Foundation (IWF) block filters - which successfully keeps child abuse material off of mainstream sites. However well-meaning it might be, it formed a proof of concept for capturing information at the web domain level.
"In The Beginning Was The Word, And The Word Was Aardvark."
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Everything else
- :
- Re: DNS over TLS (Private DNS) on Android suddenly...