MagicSahar Posted December 18, 2020 Share Posted December 18, 2020 Quote Ad-blocker company AdGuard has deployed on Wednesday the world's first-ever DNS-over-QUIC (DoQ) resolver into a production environment as part of the company's Android and iOS applications. AdGuard's DoQ resolver will work by resolving its users' DNS queries (converting website URLs into IP addresses) using the new QUIC data transfer protocol. DOQ REPLACES UDP WITH QUIC INSIDE DNS' UNDERBELLY Today, by default, DNS queries are resolved via the standard UDP protocol. The problem is that UDP traffic is not encrypted and is available in clear text to any network observer, making it easy for ISPs to track even encrypted HTTPS traffic by looking at the DNS queries proceeding those connections. This weakness has been known for a long time and is what led to the creation and current proliferation of DNS alternative protocols like DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT). However, both DoH and DoT have their own drawbacks. DoH merely hides DNS inside HTTPS, while DoT adds TLS support to DNS, a cumbersome process for both DNS servers and app makers WHAT IS QUIC QUIC is a new "data transport" protocol that started as a project at Google to develop an alternative to the aging and slower TCP protocol, which currently underpins most internet traffic today, together with UDP. Google's first attempt to develop a TCP alternative was the SPDY protocol. SPDY was considered a success at the time and was eventually broadly adopted as the "data transport" layer for the HTTP/2 web protocol. Source : https://www.zdnet.com/article/ad-blocker-adguard-deploys-worlds-first-dns-over-quic-resolver/ Link to comment Share on other sites More sharing options...
DannyR49 Posted December 18, 2020 Share Posted December 18, 2020 Yesterday 17-Dec-2020, I installed AdGuard✔️Premium v3.6.1 and activated the DNS-over-QUIC resolver and all seems to be working real well, so far. Link to comment Share on other sites More sharing options...
stylemessiah2 Posted December 18, 2020 Share Posted December 18, 2020 Probably not going to work real well on any network i admin, nor many that enterprise admins admin, as we block QUIC, because too much gets hidden and many of us like content blocking/content reporting QUIC sounds like a good idea but as it obfuscates traffic it opens a security hole QUIC ports 80 and 443 UDP are blocked on every network i look after Prolly not going to bother home users, who are going to be oblivious to the security impact.... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.