WebProNews

Cloudflare, Apple and Fastly Create Improved, Private DNS

Earth Internet - Image by Pete Linforth

Engineers from Cloudflare, Apple and Fastly have worked together to create an improved DNS protocol that protects user privacy.

DNS is the backbone of the internet, responsible for mapping domain names (such as WebProNews.com) to the IP addresses where the site and its content resides. Unfortunately, because the internet was conceived and designed at a time when security was not a big concern, DNS queries are sent in clear text. This means it is relatively easy to intercept DNS traffic and see what site a person is trying to reach, as well as the IP address of the device they’re using.

There have been attempts to address this security issue, including DNS over HTTPS (DoH) and DNS over TLS (DoT). Both of these upgrades, however, rely on an ISP, or similar company, responsible for resolving the DNS queries. As a result, there is still a potential trust issue, as the DNS resolving entity can still see the DNS queries.

This is where Cloudflare, Apple and Fastly’s work comes into play. The three companies have announced the creation a new protocol: Oblivious DNS over HTTPS (ODoH). This new protocol is designed to separate the client from the DNS resolver, providing total privacy and anonymity.

“ODoH is a revolutionary new concept designed to keep users’ privacy at the center of everything,” says Michael Glynn, Vice President, Digital Automated Innovation, PCCW Global. “Our ODoH partnership with Cloudflare positions us well in the privacy and ‘Infrastructure of the Internet’ space. As well as the enhanced security and performance of the underlying PCCW Global network, which can be accessed on-demand via Console Connect, the performance of the proxies on our network are now improved by Cloudflare’s 1.1.1.1 resolvers. This model for the first time completely decouples client proxy from the resolvers. This partnership strengthens our existing focus on privacy as the world moves to a more remote model and privacy becomes an even more critical feature.”

ODoH is an important step forward in privacy and security, and will hopefully see fast and widespread adoption.