by friendly_chap 2580 days ago
To be fair I mostly use it for not overly sensitive stuff. Let me give you an idea: I prefer to not have my ISP log my requests to reddit.com/r/LSD.

Not because I do anything illegal (I don't even take acid), but in this dystopian world where every action on the internet is recorded, the last thing I want is to end up on lists purely because of my curiosity.

If I were to do anything I could get into trouble for (which I won't), I would definitely research more about how to use Tor safely.

2 comments

Please correct me if I'm wrong, but can't your ISP only see that you're requesting reddit.com, as long as you're using HTTPS? Now sure, if you go to lsd.reddit.com, it can be logged as a subdomain, but anything beyond reddit.com shouldn't be viewable by your ISP.

I'm not saying that you shouldn't use Tor, just that as far as I understand, the whole request, including path and method, is encrypted over TLS/SSL after your browser establishes a TCP connection to the server.

I do believe the URL path is visible even over HTTPS. Off to do some research on this.

Edit: apparently the URL is not visible, but the domain is (more like the IP, which can be easily resolved to a domain).

Same thing still applies, perhaps not with reddit subreddits, but with specific domains/websites.

With ordinary DNS you are asking in plain text, "hey, what's the IP address for reddit.com?", and it does not take a genius to guess that's because you're visiting reddit.com.

With HTTPS using TLS 1.2 or earlier the site sends its certificate in plaintext too, so even if you just remember the IP address, it will tell anybody snooping "Hi, this is reddit.com".

In TLS 1.3 the site's certificate is encrypted. However, the SNI, which is used to make virtual hosting work, is not encrypted. So your ISP can see where you said you were going, but not whether they proved they were the real deal.

DPRIVE, such as DNS over HTTPS, cures the first thing: you use an encrypted transport to do DNS queries against somebody trustworthy who won't rat you out.

eSNI (encrypted SNI) is intended to one day cure the other problem.

Even with both these, seeing that you visited a very popular system like Facebook or Reddit is always going to be easy. So Tor remains important.

Your ISP won't log the request going to /r/LSD. It's over SSL, so the only thing your ISP sees is a request to reddit.com.

You are correct. Domains can still be sensitive though.