Sooo question on age restriction on Apple devices.
-
Sooo question on age restriction on Apple devices.
Non-age-verified people will get blocklist messages on any 18+ website on, right? This also happens if you have custom DNS, DoH/DoT, or VPN with DNS resolution on the other end...
So Apple intercepts the DNS request, checks against their blocklists before anything else happens?
-
Sooo question on age restriction on Apple devices.
Non-age-verified people will get blocklist messages on any 18+ website on, right? This also happens if you have custom DNS, DoH/DoT, or VPN with DNS resolution on the other end...
So Apple intercepts the DNS request, checks against their blocklists before anything else happens?
@SecurityWriter Following this thread
-
Sooo question on age restriction on Apple devices.
Non-age-verified people will get blocklist messages on any 18+ website on, right? This also happens if you have custom DNS, DoH/DoT, or VPN with DNS resolution on the other end...
So Apple intercepts the DNS request, checks against their blocklists before anything else happens?
I have no special knowledge of how Apple's doing things but ultimately apps default to the OS supplied method of name resolution, so the concept of interception doesn't really apply.
Now, if the app uses special techniques to bypass local DNS resolution for the app itself, that'd be one thing. I dunno if many iOS apps do that but I do know a handful of Android apps which do.
-
Sooo question on age restriction on Apple devices.
Non-age-verified people will get blocklist messages on any 18+ website on, right? This also happens if you have custom DNS, DoH/DoT, or VPN with DNS resolution on the other end...
So Apple intercepts the DNS request, checks against their blocklists before anything else happens?
@SecurityWriter sounds like something they could do and charge you for
-
Sooo question on age restriction on Apple devices.
Non-age-verified people will get blocklist messages on any 18+ website on, right? This also happens if you have custom DNS, DoH/DoT, or VPN with DNS resolution on the other end...
So Apple intercepts the DNS request, checks against their blocklists before anything else happens?
@SecurityWriter yet another reason to nit use #Apple devices, if their willingness to integrate #Govware-#Backdoors in the "P.R." #China and hosting #Cyberfascists #Spyware like #Absher in #KSA wasn't already…
-
Sooo question on age restriction on Apple devices.
Non-age-verified people will get blocklist messages on any 18+ website on, right? This also happens if you have custom DNS, DoH/DoT, or VPN with DNS resolution on the other end...
So Apple intercepts the DNS request, checks against their blocklists before anything else happens?
@SecurityWriter I block all DNS at the packet level on my router. See, I can do packet inspection too. But if they have a home grown DNS protocol all their own would love to read about it. Then I’ll block that too.
Not sure it correlates, but my WiFi only iPad did an age thing this weekend when I did my daily Fallout Shelter thing. Wonder if those packet logs are still available… Anyway, besides my Wi-Fi subnet blocking external DNS requests, the iPad has NextDNS running. Are they just ignoring that whenever they want now?
I know my LG TV has hard wired DNS. That’s why it’s banished to the IoT subnet of shame. That subnet is very canonical.
-
Sooo question on age restriction on Apple devices.
Non-age-verified people will get blocklist messages on any 18+ website on, right? This also happens if you have custom DNS, DoH/DoT, or VPN with DNS resolution on the other end...
So Apple intercepts the DNS request, checks against their blocklists before anything else happens?
@SecurityWriter well currently using DoH along with Private Relay causes it to do 2 lookups for each request, so age restriction could be built similar to Private Relay.
-
@SecurityWriter well currently using DoH along with Private Relay causes it to do 2 lookups for each request, so age restriction could be built similar to Private Relay.
@ridogi which effectively means Apple have backdoored our DNS.
Every query leaks your request elsewhere, in an unknown location.
-
R relay@relay.infosec.exchange shared this topic
