Safe Surfer invests in modern technologies to make surfing the web a safer experience for you. We have been keeping an eye on a new set of technologies that major technology companies and organisations are now releasing to devices via device updates: DNS over HTTPS (DoH) and DNS over TLS (DoT).
Apple, Microsoft, Google, and Mozilla have been releasing support for DoH and DoT into their products since 2019 and 2020.
DNS (the Domain Name System) runs on servers and works like a telephone book for devices. Most people use the DNS servers that their Internet Service Provider (ISP) provisions by default. When you use broadband or mobile data and you do not manually configure your device or router to use a specific DNS server, chances are you will be using a DNS server that is run by your ISP.
Are there any downsides to classic DNS today?
Classic DNS has a major privacy flaw: any DNS request you make over the public Internet (the name of each website you look up) can theoretically be intercepted and read by anyone, even your ISP. This is called sending “plain text”, meaning data that is not encrypted before it is sent.
What are DoH and DoT?
DoH and DoT are encrypted forms of classic DNS. Instead of sending the data unencrypted, they encrypt it with advanced cryptographic protocols before it is sent.
- DoH encrypts DNS data using the HTTPS protocol.
- DoT encrypts DNS data using the TLS protocol.
Both of these methods are very similar, but they differ from a technical viewpoint. From a consumer perspective, they both provide an extremely high level of privacy when it comes to encrypting DNS request data.
Many operating systems and web browsers now either fully support or are in testing phases for DoH and/or DoT support. This includes, but is not limited to:
- Android 9 and higher
- iOS 14 and higher; iPadOS 14 and higher (both to be released late 2020)
- Windows 10 version 20H2 and higher (to be released late 2020)
- macOS 11 Big Sur and higher (to be released late 2020)
- Any Chromium-based browser (e.g. Google Chrome, Microsoft Edge, Opera)
- Mozilla Firefox
How are DoH and DoT useful to me?
The DoH and DoT protocols encrypt your DNS request data (the website names you look up and the IPv4 addresses they resolve to). This increases privacy for consumers.
How is Safe Surfer going to use these new technologies?
A major part of the Safe Surfer service relies on DNS: because DNS acts as a “phonebook”, we can allow or block specific websites. As classic DNS is progressively phased out for most consumers, we will be providing DoH and DoT options for our customers. Our mobile apps will eventually use these protocols, and you will be able to find configuration options on our website in the future for manually configuring operating systems and web browsers to use these new technologies.