1061
submitted 7 months ago by Sunny@slrpnk.net to c/memes@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] jsomae@lemmy.ml 23 points 7 months ago

Assuming you're using https, your ISP cannot see what pages you visit. It can only see what website you access (IP address).

[-] booly@sh.itjust.works 14 points 7 months ago* (last edited 7 months ago)

The typical default configuration has the ISP providing DNS services (and even if you use an external DNS provider, the default configuration there is that the DNS traffic itself isn't encrypted from the ISP's ability to analyze).

So even if you visit a site that is hosted on some big service, where the IP address might not reveal what you're looking at (like visiting a site hosted or cached by Cloudflare or AWS), the DNS lookup might at least reveal the domain you're visiting.

Still, the domain itself doesn't reveal the URL that follows the domain.

So if you do a Google search for "weird sexual fetishes," that might cause you to visit the URL:

https://www.google.com/search?q=weird+sexual+fetishes

Your ISP can see that you visited the www.google.com domain, but can't see what search you actually performed.

There are different tricks and tips for keeping certain things private from certain observers, so splitting up the actual ISP from the DNS resolver from the website itself might be helpful and scattering pieces of information, but some of those pieces of information will inevitably have to be shared with someone.

[-] ours@lemmy.world 4 points 7 months ago

If you use DNS of TLS. Otherwise, they can see you resolve those addresses.

Even that isn't enough, because of the SNI, right? One would need to also use encrypted SNI.

this post was submitted on 23 Apr 2024
1061 points (97.1% liked)

Memes

45731 readers
980 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS