Positive distinction, however unencrypted DNS requests usually are not a safety vulnerability, slightly a privateness situation. That stated, privateness is an efficient motive to wish to cover DNS site visitors.
You also needs to remember that https encrypts the information despatched in a request and its reply, however doesn’t cover the envelope or the IP handle of the vacation spot. This at the least as necessary as DNS from the privateness viewpoint.
So for cell customers sharing Wi-Fi in varied untrusted areas, there are a number of privateness points.
And, after all, assaults in your privateness can apply to greater than your internet looking. For instance, e-mail.
An answer to all these points is to make use of a Digital Personal Community (VPN) which encrypts and routes all community site visitors by way of a trusted third celebration.
For the “odd shopper” there are a number of suppliers of shopper degree VPN companies. Personally, I exploit Personal Web Entry, however there are various extra to pick from. Belief is the large query with such suppliers as all of your web site visitors (DNS, looking, e-mail, and many others.) passes via their servers. The one suggestion I might make is to keep away from free VPN companies.
When used for work functions the employer could present their very own VPN service to entry to the work community in addition to present protected web utilization. Focus on this the IT division.
Word, that is in no way a complete dialogue of the way to safe Web entry.