This is the neo-feudal internet. It is the end of any ability to lock your own front door to the internet. I saw it in my block logs for Lemmy and finally went to look it up. I don’t know if that is just dot world or otherwise, but there is absolutely no chance in hell that I will ever allow or use ECH or anything like it. That is some authoritarian insanity to expect me to trust a middleman connection for everything in the land of ‘please allow our 10k stalkerware partners into your intimate life via our app’. You have no way of knowing who or what you are connected to with ECH. You’re being forced to inherently trust a connection. Is software X/Y/Z connecting to malware, stalkerware, ANYTHING? You have no clue. What halfwit thought this was okay or some kind of reasonable solution? What am I missing here? By default, I do not trust anyone. Hope for the best; plan for the worst. If you want to let random people into your digital home, or are not worried about your scripts and code doing stupid stuff, hey, you do you. That is not for me. I want to know exactly what is connecting where and why at all times. Where is the libre internet heading now?
… It’s a protocol, not a service. And your browser has it enabled. You can disable it on your browser and default back to ESNI, and be less private and less anonymized, if you want. No one’s making you use it.
Anonymity from whom? The browser is the least trusted software and all websites have stalkerware from google and others embedded. These are what I want to block.
No, I don’t want google fonts, or a Facebook logo. I’m not pinging their servers to let them know I’m on your website, etc., etc. Eliminating my ability to stop these useless connections by aggregating all of my connections through ECH is not private or anonymous. Enabling this connection through ECH now makes it available to all websites as a gaping hole in a firewall. I don’t see any reason this should exist.
effectiveness of ublockorigin, noscript, or other privacy/security related addons in your browser is unaffected by ech.
a pihole on your network is likewise unaffected, as it alters the dns requests so clients like your browser or tv can’t even resolve a ‘bad’ domain to an ip.
It was the logs from my OpenWRT firewall that led me to look up why cloudflare-ech is popping up for Lemmy. I had to research it because I don’t allow any such 3rd party connections. It comes up as cloudflare-ech.com on 443. It is not some port for Lemmy or whatnot. I’m not allowing such a connection that any website can visit, and am rather dumbfounded why anyone would think this is reasonable. I don’t know what enabling this effectively does. It appears to create a way to obfuscate a firewall filter.
I think OP is pointing to the fact that ECH makes it harder to block connections to the mothership from proprietary apps, TVs, etc. These apps could now use ECH, DoH to hide their traffic from being observed.
But OP could always buy a better router that can proxy layer 7 traffic and block the traffic if desired.