Ben's Website

Serious musings


Given the end-to-end encryption of https, 3rd party transport middle men can't determine what a user is doing without deep packet inspection.  DNS operators have some of this information, as they must translate your request ( = to connect you to your destination.  So, is it good to change your DNS servers from your ISP (moral paragons that they are) to Namecheap / Dyn / Google?

What do these services do with their requests?  They know your IP and what you sought; do they sell this to ad networks (or are one..Google)?

Alternately, the pro-user direction is to tell you who you're contacting; is Alexa/ the CPAP machine/etc. reporting on you?  They can tell you how frequently a new session is made and what other domains are contacted at that same time/with the same user string.

More locally, this connection monitoring is an opportunity for router makers and OS providers; they have been able to block access to arbitrary domains or IP ranges for years, but that's a rather technical endeavor.  Better would be to help the user/bill-payer understand who they're working with.  An egocentric google analytics.