cross-posted from: https://lemdro.id/post/2883134 (!android@lemdro.id)
I’d like to elaborate a bit on why DNS can be used to track you.
Nearly all web traffic is encrypted (https); you can check by looking at the padlock next to the URL in your browser. But DNS requests aren’t encrypted by default. This means anyone, most likely your ISP or the admin of your home network, can see what domains you’re accessing. That means just google.com, lemmy.world, etc. and not lemmy.world/post/… This isn’t a huge amount of info, but it does tell anyone who’s looking approximately what you’re doing (googling something, looking at lemmy, etc.).
To fix that there are a few different ways to encrypt DNS requests, the most common of which (afaik) is DNS over HTTPS, which will encrypt DNS requests like any other web request your browser makes. I don’t know why this hasn’t been made the default yet. Firefox has a setting for DNS over HTTPS; it calls it secure DNS.
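An added example, not part of the original post: it builds a standard DNS query (RFC 1035 wire format), shows that the domain can be read straight out of the unencrypted bytes, and then shows the same message in the RFC 8484 DNS over HTTPS GET form. The resolver URL `https://doh.example/dns-query` is a constructed placeholder, and the function names are chosen for this illustration.

```python
import base64
import struct


def build_query(domain, qtype=1, txid=0):
    """Build a DNS query message in wire format (qtype 1 = A record)."""
    # Header: id, flags (recursion desired), 1 question, 0 answer/authority/additional
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    # QNAME: each label prefixed by its length, terminated by a zero byte
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in domain.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class 1 = IN


def observed_domain(payload):
    """Recover the queried name from a plain port-53 payload, as any on-path
    observer (ISP, network admin) can: no key is needed, only parsing."""
    labels, pos = [], 12  # the question starts after the 12-byte header
    while payload[pos] != 0:
        length = payload[pos]
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    return ".".join(labels)


def doh_get_url(resolver_url, query):
    """RFC 8484 GET form: the same DNS message, base64url-encoded without
    padding. The request travels inside HTTPS, so the observer sees only an
    encrypted connection to the resolver, not this URL."""
    encoded = base64.urlsafe_b64encode(query).rstrip(b"=").decode("ascii")
    return f"{resolver_url}?dns={encoded}"


if __name__ == "__main__":
    query = build_query("lemmy.world")
    print("plain DNS payload:", query)               # domain labels visible
    print("observer recovers:", observed_domain(query))
    # Constructed placeholder resolver, not a real service
    print("DoH request:", doh_get_url("https://doh.example/dns-query", query))
```

Only the domain appears in the query, never a path such as `/post/…`, which matches what the post describes.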