by ilyt 1311 days ago
I still dunno how people got conned that DoH aka "tunnel your every DNS request to American entity that is required by law to spy on you on demand" to be the new "standard" for the browsers
2 comments

DoH is 100% a good thing. It makes surveillance of your Internet traffic harder, not easier. If you don't trust Cloudflare, then pick a different DoH provider that you do trust.

Nothing is 100% "a good thing", everything has tradeoffs.

In this case, you're moving the trust you put in your ISP or anyone who resolves your DNS queries to Cloudflare. Depending on where you are in the world, or how your threat profile looks, this might be good or bad, or degrees of good/bad.

That everyone is starting to tunnel more and more of their traffic to one single entity (Cloudflare or not) is overall not that good. But certainly not 100% bad.

> In this case, you're moving the trust you put in your ISP or anyone who resolves your DNS queries to Cloudflare.

Not necessarily:

> If you don't trust Cloudflare, then pick a different DoH provider that you do trust.

In the US, ISPs sell your DNS request data; compared to this, Cloudflare seems an improvement.

In other parts of the world, ISPs give your DNS data to the not so secret police, and compared to that Cloudflare is a huge improvement.

In the parts where ISPs don't sell your DNS data, you should switch to a different DoH provider.