• obviouspornalt@lemmynsfw.com
    link
    fedilink
    English
    arrow-up
    11
    ·
    2 months ago

    He said “which bank”, which could be determined by the sniffing DNS requests, or seeing which IPs his computer is connecting to.

    Not a breach of his personal information (assuming the bank that he’s using and the client he’s using after putting everything in TLS properly).

      • r00ty@kbin.life
        link
        fedilink
        arrow-up
        7
        ·
        2 months ago

        But you can see the ip address, which will id the bank. They can derive other information by ip addresses or leaked data and there’s still things using unencrypted connections even today. I generally just connect to my home vpn so at least it’s inly my isp spying on me.

          • r00ty@kbin.life
            link
            fedilink
            arrow-up
            1
            ·
            2 months ago

            I think this is one of the things that ech is meant to solve. But ech/esni is still not widespread on smaller sites yet I think.

      • phillipp
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 months ago

        You actually still can. Have a look at DNS fingerprinting