The existing Domain Name System (DNS) is the framework in which easy-to-remember website addresses (e.g. icel.tech) are translated into code that devices can read. Type an address in the browser and a request is sent to your local DNS server (most often provided by your Internet Service Provider). The DNS server then searches for and retrieves the numerical IP address of the web server that hosts that specific site.
With standard DNS systems, DNS requests are unencrypted. This makes it vulnerable to various forms of eavesdropping and ‘man-in-the-middle’ hacking attempts. Examples include tunnelling through DNS queries and responses to pass on malware, as well as DNS hijacking, where queries are redirected to a spoof domain server.
Developed by Mozilla, the new system, DNS over HTTPS (DoH) is designed to combat these vulnerabilities. Under it, DNS requests are sent via HTTPS and secured by a Transport Layer Security (TLS) cryptographic protocol. It means that requests are effectively hidden in the huge general stream of HTTPS internet traffic, thereby stopping snoopers from isolating and exploiting those requests.
In case you are interested in enabling DOH in Chrome it will not be as easy as in Firefox, there is no menu option to enable or disable DOH. Users have to pass a command-line argument to Chrome executable to make it work. This is how to do it in Windows:
Find the Chrome shortcut you use to start Chrome on your system, it can be on your task bar, desktop, start menu or elsewhere. Right click the shortcut and select Properties. In the Target field add the following text:
–enable-features=”dns-over-https<DoHTrial” –force-fieldtrials=”DoHTrial/Group1″ –force-fieldtrial-params=”DoHTrial.Group1:server/https%3A%2F%2F22.214.171.124%2Fdns-query/method/POST
When it comes to Firefox, DoH by default on promises a potentially useful privacy boost, with the added bonus of not having to lift a finger to enable it. That said, once it’s in place on your browser, it’s worth checking any parental controls and other filters you rely on to make sure they are still working.
And of course, if you can’t wait for it to be installed on Firefox by default, you can manually enable it. Here’s how:
Take conscious approach towards information and cyber security.