Stories
Slash Boxes
Comments

SoylentNews is people

Google Chrome Browser Also Testing DNS-Over-HTTPS

posted by janrinok on Friday September 13 2019, @09:24AM   Printer-friendly
from the follow-the-leader dept.

An Anonymous Coward writes:

https://www.theregister.co.uk/2019/09/10/chrome_78_dnsoverhttps/

Only days after Mozilla said it plans to make DNS-over-HTTPS (DoH) available by default gradually for Firefox users in the US, Google announced its intention to test DoH in Chrome 78, due for beta release in the next two weeks.

DoH wraps domain-name queries in a secure, encrypted HTTPS connection to a DNS server, rather than firing off requests using bog-standard plain-text insecure DNS, thereby keeping queries inaccessible to eavesdroppers. It's one of several emerging internet protocols intended to close security and privacy gaps in online communications.

Google's experiment will involve checking whether Chrome 78 users' DNS provider is among six services selected for their readiness to test DoH – Cleanbrowsing, Cloudflare, DNS.SB, Google, OpenDNS and Quad9. And if so, Chrome will switch from standard DNS to DoH using the same service provider, at least for those lucky few in the experimental group.

Google is thus avoiding one of the concerns raised by Mozilla's approach, forcing Firefox users to change their chosen DNS provider for Cloudflare. In so doing, Google ensures that malware screening and parental filtering capabilities offered by DNS providers will continue to function, if possible under DoH.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Google Chrome Browser Also Testing DNS-Over-HTTPS | Log In/Create an Account | Top | 19 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by maxwell demon on Friday September 13 2019, @01:30PM (1 child)

    by maxwell demon (1608) on Friday September 13 2019, @01:30PM (#893621) Journal

    So how is this supposed to work with intranet addresses which won't be resolved by external DNS?

    --
    The Tao of math: The numbers you can count are not the real numbers.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by Fishscene on Friday September 13 2019, @01:54PM

    by Fishscene (4361) on Friday September 13 2019, @01:54PM (#893632)

    It's supposed to phone home to google first so they can build a profile of your internal network. This can then be leaked to hackers or turned over to governments that "request" it from Google.

    I'm not stupid. I took history classes all through high school. The one thing you DON'T do is give up your freedom of privacy. Because it *will* be used against you if not now, then later.

    If nothing else, google and its employees have absolutely NO business knowing anything about your internal network - so why are they hellbent on doing this for millions of people?

    If you're at a company - why are you letting you and your employees leak the details of your internal network to a 3rd party?

    --
    I know I am not God, because every time I pray to Him, it's because I'm not perfect and thankful for what He's done.