
Comment by acdha

2 years ago

That’s usually untrue - for example, if I’m on Comcast but I use Firefox, my DoH requests go instead to Cloudflare who don’t log IPs – but also the larger point is that DNS isn’t complete enough: sometimes it’s unique companies but a lot of the time it’s just a shared endpoint. Push notifications don’t have that problem and happen every time, not just when a cache expires.

Cloudflare is one of the "major companies" I was alluding to. It's still an issue of centralized authorities that are accountable to governments. But I do trust Cloudflare more than my ISP or Apple, and in fact I route much of my traffic through them so I hope I'm right in giving them my trust.

  • It’s also a question of what information is available. In the United States, for example, it’s generally seemed to be the case that they can compel release of existing data but not changing systems to record new data or remove encryption. That’s not the case in every country, of course.