Notices by rugk (rugk@social.wiuwiu.de), page 18

@elrido

"advertise this new name resolution" – specifically declined, because rogue DNS in China/iran/… can just "advertise" security while censoring everything.

"OSS implementations" – hmm… https://www.aaflalo.me/2018/10/tutorial-setup-dns-over-https-server/ https://doh.defaultroutes.de/#text-5-2 and https://github.com/m13253/dns-over-https is what a quick search tells me. Totally possible to setup your own server.

DNS stays distributed, just people need to setup servers. And this, is what we need to advertise. (e.g. to Digitalcourage or so)

@elrido "where non-public TLDs are recognized and fall back to the OS' resolvers" – already done (not only TLDs, however, AFAIK). You can change that in about:config.

"run side by side with DNS" –also already implemented (kinda "race" for timing or so). Also about:config.
This mode just obviously does not help for privacy, but it is possible to enable.

…

@elrido
5. Security of HTTPS is kinda off-topic. As you said "It is much better then no SSL," (thus better than pure unencrypted DNS). Also, this whole PKI/TLS situation has considerably improved over the past, Cert transparency + HPKP are a thing for HTTPS in browsers. But, as said, off-topic. (If you would, you could however somehow manually verify your DNS server's cert.)
6. Tor: Obviously not. Tor makes the Tor Browsers and they ensure security there. Also, I guess it's disabled there.

@elrido
3. pihole: If you can setup pihole, you can certainly disable that option. (And I don't think companies or so use pihole. After all – technically, pihole is a kind of blocking/censorship DoH should protect against. If it is wanted by yourself, you can of course adjust it.)
4. VPN bypass: Hu? No… HTTPS goes over VPN too. (actually pure DNS requests are more likely to cause issues/bypasses here)

@elrido Woah, long reply… way too long 😉

Trying to address them:
1. DNS censorship: Yes, this si exactly what this protects against. Even stronger, because DNS cannot be manipulated.
(also AFAIK many OpenNIC servers are not hosted in the US, but that's off-topic.)
2. Internal company services + webdev (host entries): Yes, it can fallback to resolving these, if the DoH provider does not resolve it. (Currently, that's even the default.) Already discussed here BTW: https://metalhead.club/@kromonos/101840600370718191
[…]

@craigmaloney @dconley @pzmyers @sydneyfalk "According to users reports, the new Mastocoains can actually make toot sounds…"

@WPalant link or it didnot happen!

@libravatar not really impressive bit works. Honestly looks like any other modern (startup like) website/theme/template.

@vampirdaddy @Khaosgrille or you use actually (online) dictionaries (Note: there is also #wikitionary)

Or, at the very last, … use #DeepL!!
Because they do things properly…

@lakini ach,heute hast du deinen Hashtag vergessen zu #fakenews 😉

@lakini heute wieder "random attribute quotes" day?

@jomo @rugk hmm yeah, of one really uses this browser in a serious way😉

Maybe you should really report it😊

@lifning why do you think blue is dominant?

Or is it, actually?

heyl, studies about this would be funny… 😆

@girl make it happen!

@jomo 🤔

if you cannot steal anything/do anything bad, I guess no 😉

Bút if the old browser actually did not support JS, then we've got a problem. 😉

@jr 🙄

@jomo best thing certainly https://github.com/jomo/bashweb/commit/362f0115e17585591e1b811c2116a0346cff204d

You should revert that… 😜

@jomo LOOL

@nuron https://gitlab.com/LineageOS/issues/android (?)