Having solved the “managed” issue, I was able to disable DoH but that doesn’t appear to have fixed my problem - that the browser is resolving domain names and only requesting IPs stopping Little Snitch from working effectively.
Is there a way to stop the browser from resolving names internally? This seems to be a Chromium thing as it is common behaviour between Brave, Chrome and Opera browsers.
Hey JimBob. Glad you got that fixed! Admittedly I’m not sure if I follow what you mean with the IPs vs. names resolution thing. What exactly is Little Snitch reporting on that it considers problematic? Do you mean it’s caching the results of name lookups instead of talking to DNS resolvers for each lookup? Or something else?
Little Snitch intercepts all outgoing connections and reports what they are so that a user can decide whether to allow those connections to be made. One use case for this is blocking all requests to facebook.com from a browser to limit the amount of tracking FB can do - by analysing the opening of links to facebook.com assets on any website you visit.
Little Snitch identifies traffic at the name level so, if a browser is resolving the IP and only sending a requet to the IP, then it is unable to correctly identify the traffic as allowed or not.
It seems that DoH was in action, even after I turned it off and restarted the browser. The requests for IPs seems to have stopped now.
I have to admit I do not see what problem DoH is supposed to solve. Yes, it stops the ISPs from keeping track of its least tech savvy customoers DNS requests but it doesn’t stop said ISPs from doing reverse lookups on IPs and it doesn’t stop CloudFront et al from collecting all this information for whatever purpose it deems useful. Maybe browsers should stick to rendering web pages and leave the other stuff to other applications that users can choose to use or not?
