Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Some Apps will use a pinned/hard-coded DNS server to avoid your DNS based blocklists... a VPN sees all.


Can you give en example of how this is implemented?

I would love to test thebvpn blocker with some poc.


WhatsApp sends out DNS probes to 8.8.8.8 unencrypted (TrackerControl does trap and proxy these).

And spyware SDKs like InMobi and Gamooga do DNS over TCP which almost all apps on Android leak (but TrackerControl does not).

Telegram does its own DoH (?). Instagram does hardcode some of its IPs, not all (TrackerControl has no mitigation for these).

Disclosure: I co-develop a similar app to TrackerControl


NextDNS uses the VPN API to route all DNS traffic through it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: