Score:-4

Do DNS queries reveal full URLs?

vi flag

I use my ISP's DNS, which means that if I access "example.com" they will know, but will they know the exact page? (eg. "example.com/something.html"). As far as I know, if I access "google.com" or "google.com/search?q=my+isp+can't+see+this" my device is only asking for the ip of "google.com" in both cases, thus ISP or 1.1.1.1 or whatever... will not be able to know exactly what i'm accessing, instead they will only know the website but not the content itself (what comes after the slash) right? if that's the case, then I don't think it's that creepy as some people advertise.

Score:0
in flag

No, DNS lookups cannot leak URLs, because they are never sent to DNS servers. But it is exactly as creepy as is made out.

In some places merely visiting a "forbidden" site can reveal information that can earn a death sentence, ostracism, or other extreme punishment. You're apparently in a sufficiently privileged position not to be bothered by that; not everyone is as lucky as you.

The pattern of domains that someone accesses can form a unique identifier, and the construction of profiles by whoever runs the DNS server is not only possible but likely.

This is exactly why mechanisms like DNSCrypt, DoH, and DoT have come into being, to avoid this exposure. Similarly, when you use a TOR browser, your DNS lookups are also anonymised. A similar issue has led to the avoidance of OCSP for certificates, in favour of OCSP stapling.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.