I understand that it is possible to get around some very tough firewalls by ‘tunneling’ through DNS and send requests to a cooperative authorative DNS server. I don’t exactly understand why this is necessary in a ‘Command & Control’ type application. Assuming such an application was to trust only a hard-coded SSL certificate, not just anything trusted by the machine - i.e. precluding a MITM attack on the part of the firewall, why wouldn’t HTTPS suffice for this communication in evading the suspicion and intervention of a firewall. I admit I am not quite up to date on firewalls, but at a conceptual level I can’t seem why DNS tunneling has any advantage over HTTPS.