642
submitted 1 year ago by buh@lemmy.world to c/firefox@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] DarkThoughts@kbin.social 8 points 1 year ago

So with this the ISP, or someone else sitting in the middle, would not even know the URL you're accessing?

[-] DarkenLM@kbin.social 5 points 1 year ago

I don't think so, that'd be straight up impossible unless you're behind a VPN. Your ISP can see every connection made between you and any other server, but a VPN uses encrypted payloads between their servers and you, and they make the requests using their servers, and pass the results to you. That way, your ISP only sees that you're using a VPN, but can't see anything else.

As far as I understand it, ECH uses DoH (DNS Over HTTPS) to encrypt the domain name of your connections, but a direct IP address is always required, and most of the times, it's enough to determine the website, as the ISPs can locate just about anything easily. However, the ISP won't be able to (easily) know anything else about the connection, which remains unbroken between you and the server you're connecting with.

But still a very good feature nonetheless.

[-] mac@lemm.ee 2 points 1 year ago

IPs of websites are fine to expose in this day and age, in my opinion and threat model.

Most sites being hosted in the cloud, with rotating IPs give you obscurity there.

[-] Fissionami@lemmy.ml 1 points 1 year ago

Agreed. Most of the servers are behind proxies anyway.

this post was submitted on 03 Oct 2023
642 points (98.9% liked)

Firefox

17302 readers
49 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS