DNS is the resolver of domain name to IP, so unless everyone’s going to keep a spreadsheet of the IPs they want to visit, you need DNS
It’s the point of the article, the DNS won’t answer you in France when the website is on the banned list therefore if you want to visit the website you’ll need to find out the IP linked to the hostname for example by asking:
Not true, ordering companies to block DNS when they don’t “operate” (hosting servers) in France, it’ll likely do nothing. Just like the US going after non-US companies. They don’t have to comply. Quad9 I would especially think wouldn’t comply since they push for an open and private internet. Google will probably comply because they’re Google and still want everyone’s data they can get.
State actors can and have compelled ISPs to redirect DNS traffic. The most notable case I can remember is Turkey assuming control over Google’s anycast address (8.8.8.8) via BGP hijacking to enforce Twitter bans (that was in 2014).
If we are talking DoT/DoH, then BGP hijacking has a more limited impact as there is encryption involved there, but it still requires IP routing the same as anything else, so modifying BGP routes would be effective if the goal was to break non-compliant DNS providers.
It’s the point of the article, the DNS won’t answer you in France when the website is on the banned list therefore if you want to visit the website you’ll need to find out the IP linked to the hostname for example by asking:
the IP (As I said)
Not true, ordering companies to block DNS when they don’t “operate” (hosting servers) in France, it’ll likely do nothing. Just like the US going after non-US companies. They don’t have to comply. Quad9 I would especially think wouldn’t comply since they push for an open and private internet. Google will probably comply because they’re Google and still want everyone’s data they can get.
So that’s not actually true with DNS exactly.
State actors can and have compelled ISPs to redirect DNS traffic. The most notable case I can remember is Turkey assuming control over Google’s anycast address (8.8.8.8) via BGP hijacking to enforce Twitter bans (that was in 2014).
If we are talking DoT/DoH, then BGP hijacking has a more limited impact as there is encryption involved there, but it still requires IP routing the same as anything else, so modifying BGP routes would be effective if the goal was to break non-compliant DNS providers.