this post was submitted on 05 Oct 2023
300 points (98.1% liked)

Firefox

17937 readers
37 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 1 year ago (1 children)

This makes it so that your ISP doesn't see the actual name of the server/site you're communicating with, only the IP address. Without Encrypted Hello they're able to see both.

[–] [email protected] 5 points 1 year ago (1 children)

I would think that an IP address tells you the domain name by doing a simple DNS lookup.

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago)

In many cases you can, but there's never a guarantee that a given IP address will have reverse DNS records configured for resolve it into. On top of that, if it's a major site it's likely hosted behind a content delivery network that may a share a single IP address across thousands or even millions of completely unrelated servers. Cloudflare does some pretty interesting stuff with that approach: https://blog.cloudflare.com/cloudflare-servers-dont-own-ips-anymore/ edit: bad at typing