The internet is a wonderful place but it is not yet impervious to external invasion. One of the biggest concerns of the recent years has been the protection of privacy. We’ve seen a million examples of data breaches and companies spying on users for their own ulterior motives. However, we’re learning as we go and things have started to come together to make the internet a safe place for everyone. Google Chrome is the biggest internet browser in the world and to make the primary vehicle for internet traffic safe is extremely important.
Thankfully, Google is a very proactive company when it comes to introducing newer ways of implementing better and more secure protocols. While most of the traffic that goes through Chrome is fairly secure, it is still far from perfect. One of the biggest flaws of most modern browsers is that they still send unencrypted DNS queries, potentially exposing them to external intervention.
Google Chrome is finally adding support for DNS over HTTPS
Basically, when you try to access a new website, your PC sends a request to the DNS (domain name system) server which then translates that domain name into an IP address that your PC can understand. Usually, this little transaction is unencrypted, meaning that the door is open for outsiders to potentially tap in, making the whole thing a privacy and security hazard.
However, it seems like that might not be the case anymore. Google is finally adding the support in Chrome for sending DNS requests over the encrypted HTTPS (Hypertext Transfer Protocol Secure) Protocol. This would stop any external intervention, especially from ISPs, who misuse the vulnerability for their own purposes. With this implementation, many big ISPs were quick to point fingers at Google and pointed out how this change could “interfere with critical internet functions”.
Does Google benefit from the move?
While the move to DNS over HTTPS was an inevitable and much-needed change, there were still a few skeptics around, including the ISPs, who raised concerns over Google’s increasing control over the whole internet. With the biggest browser and search engine, it is indeed true that Google enjoys a lion’s share of the global internet traffic. However, the company was quick to shut down any such claims and declared that the allegations were completely baseless.
The biggest concern for most people was that Google would use this move to force users onto its own DNS servers, gaining even more control over the internet. However, the company made it clear that it had no intentions of changing the user DNS provider to Google by default. Instead, Chrome will check whether the user selected DNS is compatible DNS over HTTPS. In case the DNS provider is not compatible, Chrome will continue to function without DNS over HTTPS. So, in reality, Google doesn’t actually gain much from the move at all.
DNS over HTTPS actually prevents ISPs from spying on you
ISPs have benefited from the lack of DNS encryption for far too long. They can tap into your network requests and monitor your internet traffic. Sometimes, they can even modify the DNS queries while they are in-flight to stop users from accessing certain websites. These can include adult websites or, in some extreme cases, websites of rival ISPs. Some ISPs can even go down the road of using DNS snooping for ad targeting, which is very unethical.
Switching over to DNS over HTTPS means that ISPs can no longer access those DNS queries. This would eliminate most of the privacy concerns related to DNS snooping. However, ISPs could still technically monitor traffic if their customers use the ISP’s DNS servers but that does not happen very often.
Apart from Google, Mozilla is also trying to implement DNS over HTTPS in Firefox, but with a much more aggressive approach, forcing users onto Cloudflare if their DNS doesn’t support DoH.
At the end of the day, switching over to DNS over HTTPS was a much-needed change. When an ISP accesses user traffic, there is always a risk of user data falling into the wrong hands. The switch to DoH prevents that from happening. It might be hard for ISPs to adjust to the change initially, but, it is nevertheless a necessary step toward a more secure internet.