← Back to context

Comment by V99

7 years ago

I don't know of any particular popular concrete instance, but why is it hard to believe? It's trivial to implement and would be brought to you by the same people who think serving ads for NXDOMAIN is a good idea.

https://www.dnsleaktest.com/what-is-transparent-dns-proxy.ht...

2 comments

V99

Reply
abtinf  7 years ago

That link was useful, thank you. I don't find it hard to believe technically, but it strikes me as a fundamentally different practice than what I'd head of before. If I request for traffic to go to a certain IP, I expect it to be sent to that IP. MITMing and manipulating that traffic is bad, but not delivering it at all is qualitatively different. I suspect it could be grounds for a serious civil or criminal action.

  • LogicX  7 years ago

    I can confirm we run across transparent dns proxying with customers at DNSFilter all the time. Mobile carriers are the worst for doing this.

    A few days ago it was a customers compromised router doing it.