My question is simple! How to get maximum (Possible) privacy from ISP in case someone can’t or don’t want to use a vpn ?
Fir example, In some case tor browser is enough for many but they still need from a privacy from isp on other activities on mobile.
The only thing you gain from VPN is that the target server does not know your IP.
HTTPS is safe anyway and as such also the content of what you do.
The only other way you may leak information are DNS queries.
without encrypted client hello (which isn’t really adopted) the hostname ist submitted in plaintext, unencrypted. so the ISP can totally see which websites you‘re going to, even it you use a secure dns server
That should only happen with SNI, no?
What to do about dns queries? In the privacyguides video i saw when we use a encrypted dns isp only see the ip address. So queries are hidden right ?
The queries are known to the DNS provider. Only thing is to use one you trust.
Couldn’t you run a DNS resolver that pings the authoritative servers directly? Yes initial requests will be slower
Who says the authoritative servers aren’t logging requests?
True but it seems to me that it’s an advantage to have your IP logged in this more decentralized way. most resolvers also cache the answers so it would be only logged the first time you visit a website.