On Tue, 14 Apr 2020 12:13:11 -0500 John Hasler <jhas...@newsguy.com> wrote:
> Celejar writes: > > why would they be limited by whatever the OS supports? Surely their > > malware can easily include an internal DoH implementation, > > They needn't use DNS at all. Hard coded IPs work fine for reaching > their own servers. They are also not limited to the usual ports and > protocols when talking to their own servers. Indeed. As I noted (in the other part of my previous message), I suppose it's ultimately only a question of making things slightly more inconvenient for the malware authors. Celejar