• purplemonkeymad@programming.dev
      link
      fedilink
      arrow-up
      29
      ·
      7 months ago

      In the how this works section they detail that it comes from MDM solutions. In English this is a feature for it admins of companies who use the intune management software from Microsoft. You probably need pro or better to even use the feature.

      At a quick glance, it looks to be a way of whitelisting domains at a DNS level, but with the added feature of having allowed DNS servers.

      • theit8514@lemmy.world
        link
        fedilink
        arrow-up
        30
        arrow-down
        1
        ·
        7 months ago

        The amount of Windows bashing in this thread is hilarious, for what amounts to Enterprise grade DNS-over-TLS with additional whitelisting. Doesn’t help the home user, but likely won’t break home users internet access either.

          • BearOfaTime@lemm.ee
            link
            fedilink
            arrow-up
            4
            arrow-down
            2
            ·
            7 months ago

            Because they don’t understand it. Kinda laughable really.

            And I’ve been cursing MS since Windows 1.0 - what a joke that was. Then MS Bob? You’re kidding, right? I so wanted to run Bob just as a joke to fuck with my peers, but I couldn’t even tolerate it enough for that.

      • ElectricMachman@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        2
        ·
        7 months ago

        As a sysadmin, that actually sounds pretty useful. If they add a blocklist feature, it might be a good system-wide malware / ad blocking solution.

    • plz1@lemmy.ml
      link
      fedilink
      English
      arrow-up
      25
      arrow-down
      4
      ·
      7 months ago

      With the shady path they’ve been on lately, I wouldn’t be surprised if they locked down the home editions to only using their servers, so they can use the data points/telemetry to sell ads, etc.

    • stoy
      link
      fedilink
      arrow-up
      11
      arrow-down
      6
      ·
      7 months ago

      Changes like these tend to be pushed out to the home editions first, and the enterprise version will have a setting to turn this on or off.

      This is due to companies usually having a more complex network than home users.

      • lud@lemm.ee
        link
        fedilink
        arrow-up
        8
        ·
        edit-2
        7 months ago

        This is a feature for complex enterprise networks and exclusively so. Enabling it will be very opt in, as you will have to do quite a bit of set-up before it works.

    • Catsrules@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      7 months ago

      This is totally an enterprise feature. I have read enough enterprise documentation to know that. For example All of the wording talking about who is going to use this is “Admins”, “organizations” and “end users”. That is business/enterprise 101 talk right there.

      If it is even available on the home versions it is going to be off by default as it requires a good bit of setup to turn on.

      If Microsoft wanted to track you via DNS they would just do the same thing that Google and Apple are doing with their phones. Have a secure DNS option that is on by default. That uses DoH amd happens to use their DNS servers.

      Also Microsoft doesn’t need DNS to track anyone in Windows. As they control the OS.