
So what we need is a DNS service that takes in all of the DNS record updates per normal DNS replication and flags these CNAME record entries into an easily consumable blocklist.



DNS-based filtering will be useless once DNS-over-HTTPS and pinned certificates are the norm. That will come to embedded devices first, but it'll come to consumer OS's too.


Right. But it is still possible to run a DNS resolver and dump those domains in an address-based blacklist at the firewall.
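An added example, not part of any comment above: a sketch of the two ideas in this thread, flagging names whose CNAME chain ends in a tracker domain and collecting the resolved addresses for a firewall list. The record tuples, the `TRACKER_SUFFIXES` seed list and the function names are constructed for illustration.

```python
# Constructed sample: (name, type, value) tuples as a local resolver log might yield.
RECORDS = [
    ("metrics.shop.example", "CNAME", "shop.tracker-cdn.example"),
    ("shop.tracker-cdn.example", "CNAME", "edge7.tracker.example"),
    ("edge7.tracker.example", "A", "203.0.113.10"),
    ("edge7.tracker.example", "A", "203.0.113.11"),
    ("www.shop.example", "CNAME", "shop.hosting.example"),
    ("shop.hosting.example", "A", "198.51.100.5"),
]
TRACKER_SUFFIXES = {"tracker.example"}  # hypothetical seed list of tracker zones


def in_suffixes(name, suffixes):
    """True if name equals a suffix or is a subdomain of one (label-aligned)."""
    name = name.rstrip(".").lower()
    return any(name == s or name.endswith("." + s) for s in suffixes)


def build_blocklists(records, tracker_suffixes, max_depth=8):
    """Return (names, addresses) for names whose CNAME chain hits a tracker zone."""
    cnames, addrs = {}, {}
    for name, rtype, value in records:
        name, value = name.rstrip(".").lower(), value.rstrip(".").lower()
        if rtype == "CNAME":
            cnames[name] = value
        elif rtype in ("A", "AAAA"):
            addrs.setdefault(name, set()).add(value)

    blocked_names, blocked_ips = set(), set()
    for start in cnames:
        chain, cur = [start], start
        # Follow the chain, bounded in depth and guarded against CNAME loops.
        while cur in cnames and len(chain) <= max_depth:
            cur = cnames[cur]
            if cur in chain:
                break
            chain.append(cur)
        # Only the targets count: the starting name itself looks first-party.
        if any(in_suffixes(n, tracker_suffixes) for n in chain[1:]):
            blocked_names.add(start)
            # Addresses of the final target feed the firewall list. Shared
            # hosting/CDN addresses can overblock, so review before deploying.
            blocked_ips |= addrs.get(chain[-1], set())
    return sorted(blocked_names), sorted(blocked_ips)


if __name__ == "__main__":
    names, ips = build_blocklists(RECORDS, TRACKER_SUFFIXES)
    print("domain blocklist:", names)
    print("address blocklist:", ips)
```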



