
You’re not but that’s the point. Google realise they don’t control the OS (in many cases) and thus struggle to monetise it.

I don’t have a problem with doing dns lookups over http, or any other protocol you want to use, if I configure my OS resolver to do that.

When people don’t like DoH they tend to mean they have a problem with bypassing the OS.

There's then the concept of DoH, network admins have a harder job blocking it without MitMing traffic (and in some cases installing new root certificates and thus reducing security for users).

I’m less concerned about that. The argument for DoH often goes to “I don’t trust my network but I do trust Google” but I can see why some don’t trust their network. Personally I’d tunnel all traffic if I were on an untrusted network.

As someone who doesn’t trust Google (as their income comes from selling my personal data against my will) but does trust my network (as I am the network admin) I lean in the “anti DoH” camp, but regardless of which camp, DNS should be configured at the OS level (whether that’s a manual choice to use Google or cloudflare or whatever, or to accept the network hints).
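The comment above notes that a network admin cannot easily block browser-level DoH without MitM, but detecting it is cheaper than blocking it. The following is an added example (not code from the thread or from any of the commenters) of the two visibility signals an admin actually has without decrypting anything: TLS connections whose server name is a known public DoH endpoint, and hosts that make HTTPS connections without ever asking the network's own resolver. The endpoint hostnames and the flow and query records are constructed sample values, not data from this page.

```python
"""Flag likely DNS-over-HTTPS use from constructed connection records.

Added example for the thread above; the endpoint list and the sample
logs are assumptions/constructed data, not taken from the discussion.
"""
from collections import Counter

# Assumed set of public DoH endpoint hostnames (illustrative, not exhaustive;
# an admin would maintain this list from their own observations).
KNOWN_DOH_HOSTS = {"dns.google", "cloudflare-dns.com", "mozilla.cloudflare-dns.com"}

# Constructed TLS connection records as (client_ip, tls_server_name, dst_port).
SAMPLE_FLOWS = [
    ("10.0.0.5", "dns.google", 443),
    ("10.0.0.5", "example.com", 443),
    ("10.0.0.7", "www.example.org", 443),
    ("10.0.0.9", "cloudflare-dns.com", 443),
    ("10.0.0.9", "dns.google", 443),
    ("10.0.0.5", "dns.google", 443),
]

# Constructed plain-DNS (port 53) queries seen by the network resolver as (client_ip, qname).
SAMPLE_DNS = [
    ("10.0.0.7", "www.example.org"),
]


def is_doh_flow(server_name, dst_port, known=KNOWN_DOH_HOSTS):
    """True when a TLS flow terminates at a known DoH endpoint on an HTTPS port.

    The server name comes from the TLS ClientHello SNI, which is visible
    without any MitM. Trailing dots and case are normalised before matching.
    """
    return dst_port in (443, 8443) and server_name.lower().rstrip(".") in known


def doh_clients(flows, known=KNOWN_DOH_HOSTS):
    """Count DoH flows per client.

    Any client with a nonzero count is resolving at least some names through
    a resolver the OS/network did not hand out (the browser-level bypass the
    comment describes).
    """
    counts = Counter()
    for client, sni, port in flows:
        if is_doh_flow(sni, port, known):
            counts[client] += 1
    return dict(counts)


def clients_without_plain_dns(flows, dns_queries):
    """Clients that open HTTPS connections but never sent a port-53 query.

    A weaker, vendor-agnostic signal: a host that reaches web servers without
    ever asking the network resolver is using some other path (DoH, DoT, a
    tunnel). It complements the SNI match, which only catches known endpoints.
    """
    https_clients = {client for client, _, port in flows if port == 443}
    plain_dns_clients = {client for client, _ in dns_queries}
    return sorted(https_clients - plain_dns_clients)


if __name__ == "__main__":
    print("DoH flows per client:", doh_clients(SAMPLE_FLOWS))
    print("HTTPS clients with no plain DNS:", clients_without_plain_dns(SAMPLE_FLOWS, SAMPLE_DNS))
```

Neither signal is proof: a corporate VPN or a DoT client also produces the second pattern, and a user can pick a DoH endpoint not on the list, which is exactly why the commenter says blocking needs MitM while plain observation does not. On the constructed data, clients 10.0.0.5 and 10.0.0.9 trip both checks and 10.0.0.7 trips neither.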




What you mean is that network admins have a harder time controlling people's devices.

I have a DoH server set in my Chromium browser, installed on my corporate laptop, and I love it, because my DNS queries don't leak to my network admin.


The perspective is significantly different when you're both the user and network admin. From your vantage point, you're picking the lesser of two evils.[1] But there's a third option that keeps you in even greater control, yet it's increasingly becoming more onerous to preserve. It's something like a collective action problem.

[1] Or at least you think you are. If your employer is running provisioning and "security" malware, I wouldn't take any bets on what they're logging or not logging.



