Privacy has become the biggest concern of people these days. At a time like this, promises of new technology are definitely enticing. So what is this new technology which assures us that our browser is going to be more private from now on?
It’s DNS over HTTPS, in short DoH.
What is DoH ( DNS-over-HTTPS )?
You need to learn about DNS first. When visiting a web page, your browser first needs to know the location of the server hosting that web page (IP address).
Now here’s what DNS does. Domain Name System, in short, converts human-readable addresses (like www.google.com) into an address that a computer can read (220.127.116.11).
Your browser locates the IP address by sending a DNS query to the global database and then waits for the IP address to come as the answer.
This is how it has worked since the 1980s but recently it has been under scrutiny due to its ability to expose the private information of users.
For example, can you ever imagine having to share the information regarding every website you visited with another person without your knowledge?
Now, this is where DoH or DNS over HTTPS comes to your rescue. DoH encrypts your DNS queries in such a way that only the recipient can read and decrypt it.
This new technology is specifically helpful when you’re using a public WiFi network, like that of railways or hostels that can be monitored by others.
So what is the current scenario?
Web browsers need to send queries to someone to decrypt and answer; most of these browsers send these queries to a special server which is provided by their Internet Service Provider, or ISP.
Most of these ISPs today do not support DNS over HTTPS yet.
So what does it mean?
It means that those people who want to benefit from DoH have to send their queries to those who at the moment does support DoH. That, in turn, means sending their queries to a third-party organization.
What are the problems then?
In practice, the DNS over HTTPS will not have that much of an impact on the web browsing experience.
Problems start from the fact that most of the technology is dominated by US-based companies, over which most of the governments feel they have little control.
Who has raised concerns?
Some organizations have openly raised questions regarding the implementation of DNS over HTTPS.
For instance, the government of the UK believes the use of DoH can possibly limit its ability to monitor the web activities of suspected criminals.
Another organization, Internet Watch Foundation, fears that DoH may hinder their ability to block web material related to child abuse images. This foundation, which reports such material to Internet providers, fears it may also need to block part of DoH itself.
Role of third party DoH providers
The main concern that seems prevalent is that these third party DoH providers may not be as responsive to the requests of content blocking.
Questions have been raised about these third party DoH providers, like Google or Cloudflare, to be recording all the DoH queries they might receive; this can increase their ability to monitor the internet activity of the world.
Experts also believe that DoH may lead people to a false sense of security which in turn may leave them more open to privacy attacks.
A review of the whole scenario
Overall, it seems all the concerns of major organizations and experts stems from the fear of US dominance over huge global data. In roots, the tug of war is all about power, about who should have it and who should not.
Or in this condition, who should control the world of web and who shouldn’t. This new technology definitely won’t come in countries without a never-ending heated debate over security issues.
So what do you think about it? Would you like to have DoH powered by a third party? Do think about it! Till then, bye!