DoH versus VPN
Do I need to enable/use DoH if I already use a separate VPN (Nord) for all my online work?
Chosen solution
Found this article, which says NO, DoH doesn't replace a VPN nor add anything to my security or privacy:
"DNS over HTTPS should never be conceived as a 1-to-1 replacement for a VPN client; at the very least, we can consider it as its counterpart, its partner in crime. While the VPN ‘scrambles’ your IP as to make it impossible to track your activity, DoH only ensures that the communication channels with the DNS are secured by encapsulating the DNS querying in the HTTPS."
https://heimdalsecurity.com/blog/replacement-for-vpn/
Read this answer in context 👍 0All Replies (5)
Hello,
DoH is encrypted DNS Lookups. Your privacy wants likely are different than mine, so I will not say yay or nay, and will not comment on the VPN provider.
The fact that the DNS requests are encrypted means that the isp (be it your real off VPN or your VPN's on VPN) does not see the content of your DNS Lookups. They can still see the location your packets go to (how else could they know where to send them).
This means that it can bypass DNS based domain blocks, as it uses a different server, and cannot be seen what domain you are going to.
There is an argument to be made that VPN's can cripple your privacy, but I will not get into that here.
TL;DR: DoH is another measure to secure privacy; not everyone needs it or should use it.
Web search; https://www.bing.com/search?q=computer+DoH
Chosen Solution
Found this article, which says NO, DoH doesn't replace a VPN nor add anything to my security or privacy:
"DNS over HTTPS should never be conceived as a 1-to-1 replacement for a VPN client; at the very least, we can consider it as its counterpart, its partner in crime. While the VPN ‘scrambles’ your IP as to make it impossible to track your activity, DoH only ensures that the communication channels with the DNS are secured by encapsulating the DNS querying in the HTTPS."
Yes. It is not a replacement, but it is a better solution for some people.
Many people do not need a vpn, but their DNS is blocking sites or is leaking information. DoH solves their problem for free. They both can be used effectively together and apart.
I've been using a VPN for several years now, ever since my former employer required me to do so whenever I worked from home, before I retired. I pay for the service and consider it money well spent. The crux of my question was whether ALSO using Firefox DoH, which I first heard about yesterday, added anything to my privacy and security? If not, whether using BOTH affected my performance? My bottom line is that a VPN protects all my internet traffic (email, onedrive/Google Drive, Office 360, and other browsers [I only use Chrome ifn I have a problem with Firefox and never bother with Edge!]), so I can see no reason to enable FF DoH. I've just disabled it.
The reason for asking the question is that I searched FF FAQs and didn't see this addressed. Thanks for the response.