this post was submitted on 16 Jul 2025
96 points (99.0% liked)


But theoretically if I had TikTok, Facebook or insta, I would still be able to use it on the wifi.

That is all. Just thought it was interesting

[–] SevenSkalls@hexbear.net 7 points 3 days ago* (last edited 3 days ago) (2 children)

What does that do? I thought DNS was just the friendly name for sites other than their IP address.

EDIT: so the AI overview for Google just told me DNS over HTTPS encrypts that bar so no one can see what sites you're visiting? That sounds very useful. Can IT departments turn that off?

[–] peeonyou@hexbear.net 2 points 2 days ago* (last edited 2 days ago)

It encrypts your DNS requests over HTTPS so they can't be inspected by whoever your ISP is or whatever router you're connected to.

[–] RedWizard@hexbear.net 9 points 3 days ago (2 children)

They might be able to apply settings to your installed version of Firefox, but I have no idea how detailed those settings are or if they would include disabling DNS over HTTPS.

[–] MizuTama@hexbear.net 7 points 3 days ago* (last edited 3 days ago)

They could block DNS over HTTPS by blocking common servers that provide it, making it difficult to implement but putting them in an infinite whack-a-mole game, or with deep packet inspection, I think, but I'm fuzzy on the details for the latter, so I can't say much.

[–] darkcalling@hexbear.net 3 points 3 days ago

By default, Firefox and other browsers that implement DNS over HTTPS check a canary domain, and if they can't reach it they assume they're in an enterprise, act respectfully, and fall back to the suggested DNS server pushed by their gateway. That canary domain is obviously part of all encrypted DNS blocklists. On desktop you can choose to try and override, but lists of the common DoH providers are readily available for free. I block them myself on my network because I run my own DNS resolver with ad blocking and don't want anything bypassing it to phone home its analytics.