[tor-talk] Tales from the DNSCrypt: Linux Rising
proper at tormail.net
proper at tormail.net
Mon Feb 20 19:47:30 UTC 2012
It's an interesting update and I hope it will widespread along all public
DNS servers.
I am not sure how Tor users could profit from it.
Advantage:
- Exit node can not spy or even worse, spoof and redirect any DNS requests.
Disadvantage:
- Single point of failure, OpenDNS could be forced to redirect DNS
requests for some unwanted websites to a trap. This means it should not be
used as a 100% DNS replacement for Tor.
For sure it's not recommend to only rely on that new system, but
sometimes, if you suspect DNS spoofing exit node, encrypted OpenDNS may be
a reliable second opinion.
It's nice that DNSCrypt uses TCP, because Tor can forward TCP. It should
work and do not leak behind a transparent proxy. I am curious how to
torifiy it.
More information about the tor-talk
mailing list