Changes

DNS over HTTPS

2,086 bytes added, 4 February
The following lines were added (+) and removed (-):
==explained==

DNS-over-HTTPS (DoH) was created as an internet standard (IETF RFC 8484) and has been implemented in both Mozilla Firefox and Google Chrome. DoH encrypts DNS queries and disguises them as regular HTTPS traffic. All of those queries (the URL of every web site you visit) are sent to special DoH-capable DNS servers (called DoH resolvers), which resolve the DNS query inside a DoH request and reply to the user.

Don't be fooled by all the use of the term encryption! At the resolver, the request has to be decrypted to be handled. So "they", the company or organization that is now doing DNS for you at their remote site instead of it being done locally by your own network or ISP, can see where you are going, keep track of those Internet addresses and associate them with you.

The companies and organizations that have DoH-capable products have been advertising DoH as a way to prevent ISPs from tracking users' web traffic and as a way to bypass censorship. However, they are just talking you into allowing them to track you instead of your ISP (which probably was not tracking you, as it is illegal in many jurisdictions).

* DoH doesn't actually prevent ISP user tracking - DNS is only one very small part of the traffic between you and your ISP. They don't need your DNS queries to know what you are doing.
* DoH creates havoc in the enterprise sector - many network security measures involve the use of the locally allocated DNS resolver.
* DoH weakens cyber-security and helps criminals - once you surrender control of DNS activity you become subject to invalid or manipulated DNS results.
* DoH centralizes DNS traffic at a few DoH resolvers - having local DNS servers for customers and users helps keep things moving fast. Channeling all this DNS activity to centralized points creates overloads and delays, potentially slowing down your Internet activity because your browser is still waiting for DNS resolution before it can move forward and load a web site or application.

==your privacy at risk: a benefit vs danger analysis==
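To make concrete the point that the resolver must decrypt each request, the following added example (not part of the original article) builds an RFC 8484 GET request for a constructed name, `www.example.com`, and then decodes it the way a resolver does once TLS has been terminated, recovering the queried name in the clear. The function names and the `/dns-query` path are assumptions of this example.

```python
import base64
import struct

def build_query(name: str, qtype: int = 1) -> bytes:
    """DNS wire-format query (RFC 1035); RFC 8484 suggests ID 0 for HTTP caching."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)  # ID=0, RD=1, QDCOUNT=1
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QCLASS=IN

def doh_get_path(message: bytes, path: str = "/dns-query") -> str:
    """RFC 8484 GET form: base64url without padding in the 'dns' parameter."""
    encoded = base64.urlsafe_b64encode(message).rstrip(b"=").decode("ascii")
    return f"{path}?dns={encoded}"

def resolver_view(request_path: str) -> tuple[str, int]:
    """What the DoH resolver holds after TLS termination: queried name and type."""
    encoded = request_path.split("dns=", 1)[1]
    message = base64.urlsafe_b64decode(encoded + "=" * (-len(encoded) % 4))
    qdcount = struct.unpack("!H", message[4:6])[0]
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, offset = [], 12  # the question section starts after the 12-byte header
    while True:
        length = message[offset]
        offset += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("compression pointer not expected in a question")
        labels.append(message[offset:offset + length].decode("ascii"))
        offset += length
    qtype, _qclass = struct.unpack("!HH", message[offset:offset + 4])
    return ".".join(labels), qtype

if __name__ == "__main__":
    # Constructed sample name; nothing is sent over the network.
    path = doh_get_path(build_query("www.example.com"))
    print("carried inside HTTPS:", path)
    print("seen by the resolver:", resolver_view(path))
```

TLS hides the `dns=` parameter from observers on the path, but the resolver operator reads the name exactly as a classic DNS server would.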