Hacker News

At which point the entry would still be cached by the OS, and since Firefox apparently uses the OS API to resolve hostnames (if it didn't, I wouldn't have found the entry in my cache after opening the site, right?), it would still return the cached result (as long as it's not expired).

Besides, the question was how to prevent VAC from uploading your (hashed) DNS cache, and clearing Firefox cache doesn't flush those entries from your OS DNS cache.




First off, in that case I'm not sure what your experiment was supposed to demonstrate.

More importantly, Windows will cache DNS records for no longer than the TTL. Firefox will keep entries in its cache for hours if not days. That's how sites you have been visiting will not show up in the OS cache.


OP asks if it's possible to block VAC from leaking your DNS cache (specifically the OS DNS cache obtainable via ipconfig /displaydns).

blueskin_ mentions that Firefox uses its own DNS cache, and deleting the browser cache also deletes the DNS entries.

However, Firefox still uses the Windows API for DNS resolution, and deleting the browser cache doesn't result in those entries being flushed from the OS DNS cache (which is demonstrated by my experiment). In other words, simply deleting your browser cache in Firefox will not prevent VAC from uploading your OS DNS cache. As long as the entries aren't expired or flushed manually, they will remain in your OS cache and VAC has no problem getting them.


kamakazizuru asks if it's possible to block the leak

mdisraeli answers how, and remarks that many of the sites they're visiting are not in the cache

blueskin_ explains why those sites are not in the cache

pfg challenges blueskin_

Yes, 'some' of the sites will be cached by Windows; this was explicitly stated in the original comment by mdisraeli. I don't know why you're acting like anyone is wrong. Did you skip mdisraeli's comment accidentally, which led you to think blueskin_ was offering a flawed solution to kamakazizuru? blueskin_ was not offering any kind of VAC-related advice or information, just explaining Firefox's weirdness.


The fact that some entries aren't visible in the OS cache has nothing to do with Firefox having its own DNS cache though, it would happen with any browser. And clearing the browser cache has nothing to do with the OS cache either.

So I'm not sure why we're even talking about the DNS cache Firefox uses internally.

blueskin_'s response implies that, because Firefox uses its own DNS cache and clearing the browser cache will clear those entries too, either a) opening a page in Firefox will not put the corresponding hostname in the OS DNS cache, or b) clearing the browser cache will flush the entries from the OS cache as well. (His reply wouldn't make sense in any other way in this context.)

I'm not trying to prove anyone wrong, but the comment as it was implied you're safe if you use Firefox and clear your DNS cache, when in fact you're not.


>The fact that some entries aren't visible in the OS cache has nothing to do with Firefox having its own DNS cache though, it would happen with any browser.

Not true. Because Firefox has its own cache, news.ycombinator.com is not in my OS cache even though I'm actively opening and closing connections to it.

>blueskin_'s response implies that, because Firefox uses its own DNS cache and clearing the browser cache will clear those entries too, either a) opening a page in Firefox will not put the corresponding hostname in the OS DNS cache, or b) clearing the browser cache will flush the entries from the OS cache as well. (His reply wouldn't make sense in any other way in this context.)

Option a is the correct interpretation, more or less. Opening a page that is still in the Firefox DNS cache, which lasts hours to days, will not put the hostname into the OS cache.

>I'm not trying to prove anyone wrong, but the comment as it was implied you're safe if you use Firefox and clear your DNS cache, when in fact you're not.

I don't think it implied that, but it's okay if we disagree on this as long as the factual points are clarified.


Wait, are you saying Firefox's DNS cache doesn't honor TTLs? If it's behaving the same way the OS cache does (i.e. drop entries after TTL is reached), basically any entry in Firefox would have to be in the OS cache as well.

Of course if Firefox actually ignores TTLs, forget everything I said.

I'll now set my hair on fire while pondering why they would do that.


It does not honor TTL. The only reason I know about it is the pain it caused me in the past moving a site from one server to another. Everything else on my system went to the new server except Firefox.
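A constructed model of the two-tier caching the thread argues about, added here as an example and not code from Firefox, Windows or any commenter: a browser-side cache that keeps records for a fixed lifetime regardless of TTL sits in front of an OS cache that honors TTL. The host name, addresses, 60 s TTL and 24 h browser lifetime are assumed values; the scenario shows why a revisited site can be absent from the OS cache, and why flushing the browser cache does not flush the OS cache.

```python
class DnsCache:
    """Expiring cache. With lifetime=None it honours the record TTL (the Windows resolver cache);
    with a fixed lifetime it ignores TTL (the browser cache as the thread describes it)."""
    def __init__(self, clock, lifetime=None):
        self.clock, self.lifetime, self.entries = clock, lifetime, {}  # host -> (ip, expiry)
    def get(self, host):
        rec = self.entries.get(host)
        if rec and self.clock["now"] < rec[1]:
            return rec[0]
        self.entries.pop(host, None)          # expired or never present
        return None
    def put(self, host, ip, ttl):
        keep = ttl if self.lifetime is None else self.lifetime   # fixed lifetime ignores TTL
        self.entries[host] = (ip, self.clock["now"] + keep)
    def flush(self):
        self.entries.clear()
    def display(self):
        """Live entries, as ipconfig /displaydns would list them."""
        return sorted(h for h in list(self.entries) if self.get(h) is not None)

def browser_lookup(host, browser, os_cache, upstream):
    """Browser cache first; only a miss reaches the OS resolver and so the OS cache."""
    ip = browser.get(host)
    if ip is None:
        ip = os_cache.get(host)
        if ip is None:
            ip, ttl = upstream[host]          # constructed authoritative answer
            os_cache.put(host, ip, ttl)
        browser.put(host, ip, 0)
    return ip

def run_scenario():
    clock = {"now": 0.0}                      # shared fake clock, in seconds
    upstream = {"news.example.test": ("192.0.2.10", 60)}   # constructed host, 60 s TTL
    browser, os_cache = DnsCache(clock, lifetime=24 * 3600), DnsCache(clock)
    browser_lookup("news.example.test", browser, os_cache, upstream)
    first = os_cache.display()                # visible right after the first visit
    clock["now"] += 120                       # past the TTL, well within the browser lifetime
    browser_lookup("news.example.test", browser, os_cache, upstream)
    revisit = os_cache.display()              # browser cache answered; OS entry has expired
    browser.flush()                           # "clear browser cache", then revisit once more
    browser_lookup("news.example.test", browser, os_cache, upstream)
    browser.flush()                           # clearing it again leaves the OS cache untouched
    after_clear = os_cache.display()
    return first, revisit, after_clear
```

The OS cache only ever sees a lookup when the browser cache misses, so the entry disappears from `display()` exactly when the TTL lapses while the browser keeps answering from its own copy.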
