zanderthunder Posted October 29, 2019 Share Posted October 29, 2019 Last month, Google announced a plan to encrypt DNS — or DNS over HTTPS (DoH) — in Chrome. In the United States, this was met with criticism from Internet Service Providers for limiting monitoring capabilities, but supported by privacy activists. Google today is pushing back against “misconceptions” regarding its rollout. Quote Whenever you type a URL into your browser (for example “redcross.org”), this information is sent to a domain name system (DNS) provider that converts that request into the unique numerical “IP address” (e.g. 162.6.217.119) that identifies websites on the Internet. The current lack of encryption when browsers make requests to DNS providers means that others could track what sites you’re visiting or maliciously redirect you to another page. Chrome and other browser solutions involve secure DNS connections with DNS-over-HTTPS. Google starts by noting that it is not changing a user’s DNS provider to its own 8.8.8.8 service. Rather, Chrome is just supporting those secure connections if you’re using a current provider that supports DoH. Quote Chrome will check if the user’s DNS provider is among a list of participating DoH-compatible providers and if so, it will enable DoH. If the DNS provider is not on the list, Chrome won’t enable DoH and will continue to operate as it does today. Another concern has been how encrypted DNS in Chrome will interfere with parental controls offered by ISPs that block inappropriate websites. There should be no actual impact. Quote In fact, any existing content controls of your DNS provider, including any protections for children, should remain active. DoH secures the URL data only while it’s in transit between your browser and the DNS provider, so your provider’s malware protection and parental control features will continue to work as they have in the past. So far, Chrome only has plans to roll out DoH support for 1% of users. Still an “experiment,” Google wants to monitor performance and reliability, while Chrome 79 will offer the ability to opt-out via a new flag: chrome://flags/#dns-over-https. Source: Google addresses ‘misconceptions’ about Chrome’s encrypted DNS push (via 9to5Google) Link to comment Share on other sites More sharing options...
steven36 Posted October 29, 2019 Share Posted October 29, 2019 I knew that from day one Quote So basically it don't work unless your use one of these DNS system wide witch is fine by me because ill stay with using system wide methods changing my DNS to providers that don't log not providers they pick that all log as long as they don't latter down the road try to force Google DNS on you with this witch i doubt they will because of website blocking laws outside the USA but you never know about Tech companies . there not even doing this in Linux like Firefox is or for IOS Cleanbrowsing Cloudflare DNS.SB Google OpenDNS Quad9 More concretely, the experiment in Chrome 78 will check if the user’s current DNS provider is among a list of DoH-compatible providers, and upgrade to the equivalent DoH service from the same provider. If the DNS provider isn’t in the list, Chrome will continue to operate as it does today. The providers included in the list were selected for their strong stance on privacy and security, as well as the readiness of their DoH services, and also agreed to participate in the experiment. The goals of this experiment are to validate our implementation and to evaluate the performance impact. Our experiment will run on all supported platforms (with the exception of Linux and iOS) for a fraction of Chrome users. On Android 9 and above, if the user has specified a DNS-over-TLS provider in the private DNS settings, Chrome may use the associated DoH provider, and will fallback to the system private DNS upon error. Source: https://blog.chromium.org/2019/09/experimenting-with-same-provider-dns.html Firefox way is better they let you turn it off or on and put in any DoH provider in even ones that don't log and it works with out changing DNS It also means Google is spying on your DNS to know to enable it or not ! I want use Google Chrome on Linux i do have Chromium Snap With VAAPI (Hardware-Accelerated Video Decoding) Support https://www.linuxuprising.com/2019/01/ubuntu-testing-chromium-snap-with-vaapi.html Google Chrome has no plains on enabling this on Linux so Brave Browser offers the same features Google does and much more on Linux . I have no reason to use Closed source browsers and i would use none of there DNS providers that logs system wide no way. There spying on your DNS to see witch provider your using but them spying on you is nothing new they been doing it for years with Google Safe Browsing even in Firefox and other Chromium forks and i been disabling that since 2012 . I don't trust and ad company with privacy or security and them only giving you a choice of DNS providers that log that you have to use system wide to use DOH is more reason not to trust them. I can put a non logging DOH provider in Firefox and not have to change my DNS system wide witch is my VPNs DNS most of the time . Or I can turn it off and use none. To use DOH in chrome this is what I have to do 1. Boot into Windows because its not implemented in the Linux version . Which i'm not willing to do just to use DOH 2.Install Google Chrome , Which im not willing to do because ive never used it. 3. Change my no logging DNS to a logging DNS provider in my VPN software . Which im not willing to do and it would be a oxymoron if i did. To Use DOH on Firefox 1. Go to DNS settings in Firefox and put in a non logging provider and thats all. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.