DOH goes over port 443 using https, impossible to block (unless you want to blacklist all possible URLs that might serve DNS) so cannot be redirected at network level, like with classic DNS, and uses SSL encryption so cannot be "sniffed" and redirected.
In other words: say goodbye to ad blockers based on DNS like Pi-hole or AdGuard.
While it seems good for your privacy, it's a dream for Google and such, where PiHoles and such DNS blockers will be useless...
Because Matrix has the best bridges so I can centralize all other protocols on my Matrix server (Continuwuity) and have WhatsApp, Telegram, Signal all accessible from one single app.
Actually I am behind CGNAT so when away I connect to my VPS that has an nginx pointing to a WireGuard endpoint to the internal server. WireGuard is also managed by OPNsense but that's a choice, not mandatory.
When home, my VPS IP gets rerouted on port 443 (and 80, mandatory for Let's Encrypt) to the internal IP of my server.
Wrong premise. There are lots of monarchies around the world, in all continents. Thailand, UK, Spain, Sweden, are only the first that come to my mind.
USA is definitely not most of the world.
Also, some dictators are the result of failed democracies, some dictators come from places that never had democracy in the first place (Russia, many African countries...) And some dictators have been put in power by democracies (see Central and South America for examples).
My favourite is that kernel writes in RAM. Kid, do you even know how computers work at all? Where should the kernel write? On paper?
Anyway, worry about getting your PC compromised and prevent unwanted access both physical and remote, logs will help you detect unwanted access, so there is that: logs keep you safe.
Do not turn off logging. Or do turn off logging, it's your machine after all and you are free, as in Linux, to do so if you want.
It's your own machine. Like saying your car knows where you live and where you work. It does, you use it, get a grip on reality. Nobody is sniffing your Linux and if somebody has your root password they have all your data already so the point is moot.