Cookie Consent by Free Privacy Policy Generator ๐Ÿ“Œ A safer and more private browsing experience with Secure DNS

๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security



๐Ÿ“š A safer and more private browsing experience with Secure DNS


๐Ÿ’ก Newskategorie: Programmierung
๐Ÿ”— Quelle: blog.chromium.org



With Chrome 83, weโ€™ve started rolling out Secure DNS, a feature built on top of a secure DNS protocol called DNS-over-HTTPS, which is designed to improve your safety and privacy while browsing the web. More concretely, Chrome will automatically switch to DNS-over-HTTPS if your current DNS provider supports it, and provide manual configuration options for users who wish to use a specific provider. DNS-over-HTTPS introduces a significant change to the Domain Name System (DNS), a system designed more than 35 years ago that is central to how the web works even to this day. Itโ€™s the sort of change that requires careful planning and collaboration, which explains why it took us a little more than 2 years, gathering test data, listening to feedback, and addressing some misconceptions, to arrive at a design that put our users first with reasonable defaults and accessible controls.



Unencrypted DNS


When you want to access your favorite website, your browser first needs to determine which server is hosting it, a step known as โ€œDNS lookupโ€. When DNS was first introduced, the internet was in its infancy, and the web did not yet exist. There was no e-commerce, no online banks, and many people did not yet see a strong need for encryption on the web. It took until 1994 for encryption to take-off with the introduction of the HTTPS protocol. Nowadays, the HTTPS protocol is almost ubiquitous and provides strong security and privacy guarantees. It helps you browse or transact on the web without fear of having your credit card or personal information stolen by other internet users, even when using a public WiFi connection. Unfortunately, DNS, on the other hand, until recently has remained unencrypted.



With unencrypted DNS, an attacker connected to the same network can observe other usersโ€™ browsing habits.

Benefits of DNS-over-HTTPS

Chromeโ€™s Secure DNS feature uses DNS-over-HTTPS to encrypt the DNS communication, thereby helping prevent attackers from observing what sites you visit or sending you to phishing websites. As the name suggests, Chrome communicates with the DNS service provider over the HTTPS protocol, the same protocol used for communicating with websites in a safe and secure manner. HTTPS is particularly appealing because it provides the following protections:
  • Authenticity: Chrome can verify that it is communicating with the intended DNS service provider and not a fake service provider thatโ€™s controlled by an attacker.
  • Integrity: Chrome can verify that the response it got from the DNS service provider hasnโ€™t been tampered with by attackers using the same network, thereby stopping phishing attacks.
  • Confidentiality: Chrome can talk to the DNS service provider over an encrypted channel which means that attackers can no longer rely on DNS to observe which websites other users are visiting when sharing the same connection, e.g. public WiFi in a library.


With DNS-over-HTTPS, an attacker can no longer rely on DNS to observe other usersโ€™ browsing habits.



The introduction of DNS-over-HTTPS gives the whole ecosystem a rare opportunity to start from a clean and dependable slate, making it easier to pursue further enhancements relying on DNS as a delivery mechanism. Thus far, the unencrypted nature of DNS has meant that features that extend DNS could randomly fail due to causes such as network equipment that may drop or modify newly introduced DNS fields. As DNS-over-HTTPS grows, it will put this concern aside because it benefits from the aforementioned HTTPS properties and sets a new reliable baseline to build upon.


Responsibly deploying DNS-over-HTTPS

Changing how DNS works is a non-trivial task. In particular, with more than 35 years of history, a lot of additional services and features have been built on top of DNS. For instance, some Internet Service Providers offer family-safe filtering via DNS. So, while we would love to have everyone benefit from Secure DNS immediately, we also know that we have to get there in a way that doesnโ€™t break user expectations. Navigating these goals led us to the โ€œsame-provider DNS-over-HTTPS upgradeโ€ approach that we experimented with at the end of 2019. The successful experiment gave us confidence about the performance and stability aspects for both Chromeโ€™s Secure DNS and our partnersโ€™ DNS-over-HTTPS services. It also highlighted opportunities to improve the auto-upgrade success rate.

Here is how this โ€œsame-provider DNS-over-HTTP upgradeโ€ approach works. Chrome maintains a list of DNS providers known to support DNS-over-HTTPS. Chrome uses this list to match the userโ€™s current DNS service provider with that providerโ€™s DNS-over-HTTPS service, if the provider offers one. By keeping the userโ€™s chosen provider, we can preserve any extra services offered by the DNS service provider, such as family-safe filtering, and therefore avoid breaking user expectations. Furthermore, if thereโ€™s any hiccup with the DNS-over-HTTPS connection, Chrome will fall back to the regular DNS service of the userโ€™s current provider by default, in order to avoid any disruption, while periodically retrying to secure the DNS communication. Finally, to avoid an issue that otherwise could arise for users running Windows, Chrome will also disable Secure DNS if Windows parental controls are enabled, so that any filtering software that relies on a regular DNS connection can continue to work while we collaborate with the ecosystem on ways for Secure DNS to co-exist with these filtering solutions.


If you are an IT administrator, Chrome will disable Secure DNS if it detects a managed environment via the presence of one or more enterprise policies. Weโ€™ve also added new DNS-over-HTTPS enterprise policies to allow for a managed configuration of Secure DNS and encourage IT administrators to look into deploying DNS-over-HTTPS for their users.


We believe that our approach strikes a good balance between moving security & privacy forward and maintaining user expectations. However, if this default behavior doesnโ€™t suit your needs, head over to Chromeโ€™s settings and search for Secure DNS to configure it to your liking. For instance, you can disable the feature altogether, or configure it in a no-fallback mode by choosing a specific DNS-over-HTTPS service provider among a list of popular options or by specifying a custom provider.
As ISPs and DNS service providers make progress on their DNS-over-HTTPS services, we expect to support more options in future milestones via our DNS-over-HTTPS program.

Chromeโ€™s Secure DNS will progressively be made available on Chrome OS, Windows and Mac OS with Android and Linux coming soon.



Onwards


While these are early days, we are proud of playing a role in the adoption of DNS-over-HTTPS and helping our users benefit from a safer and more private way of browsing the web. At the same time, we also understand how intricate DNS is, which is why weโ€™ve been and will continue to move carefully and transparently. As always, weโ€™re open to feedback and welcome collaboration with stakeholders including ISPs, DNS service providers, and Online Child Safety advocates as we make further progress in securing DNS.


Posted by Kenji Baheux, Chrome Product Manager

...



๐Ÿ“Œ A safer and more private browsing experience with Secure DNS


๐Ÿ“ˆ 62.09 Punkte

๐Ÿ“Œ A safer and more private browsing experience on Android with Secure DNS


๐Ÿ“ˆ 62.09 Punkte

๐Ÿ“Œ New Quad9 DNS Service Makes the Internet Safer and More Private


๐Ÿ“ˆ 35.9 Punkte

๐Ÿ“Œ Safer Internet Day 2020: Make Your Wi-Fi Network Safer with a DNS Filter


๐Ÿ“ˆ 35.07 Punkte

๐Ÿ“Œ Researchers From MIT and Harvard University Present a Paper Describing a New System, Dubbed Veil, That Makes Private Browsing More Private


๐Ÿ“ˆ 34.31 Punkte

๐Ÿ“Œ Lock Down Your DNS with a Pi-Hole for Safer Web Browsing at Home [Tutorial]


๐Ÿ“ˆ 33.79 Punkte

๐Ÿ“Œ Get more secure and private online browsing with Windscribe VPN, now only $70


๐Ÿ“ˆ 32.63 Punkte

๐Ÿ“Œ Making private browsing more private


๐Ÿ“ˆ 32.51 Punkte

๐Ÿ“Œ Researchers unveil Veil to make โ€˜private browsing more privateโ€™


๐Ÿ“ˆ 32.51 Punkte

๐Ÿ“Œ Private browsing vs VPN โ€“ Which one is more private?


๐Ÿ“ˆ 32.51 Punkte

๐Ÿ“Œ Private browsing vs VPN โ€“ Which one is more private?


๐Ÿ“ˆ 32.51 Punkte

๐Ÿ“Œ What Is Private Browsing And How Private Is It?


๐Ÿ“ˆ 29.58 Punkte

๐Ÿ“Œ Pangiam acquires Trueface to provide a safer and more personalized travel experience


๐Ÿ“ˆ 27.88 Punkte

๐Ÿ“Œ Medium CVE-2019-10759: Safer-eval project Safer-eval


๐Ÿ“ˆ 26.96 Punkte

๐Ÿ“Œ Medium CVE-2019-10760: Safer-eval project Safer-eval


๐Ÿ“ˆ 26.96 Punkte

๐Ÿ“Œ Safer Internet Day 2024: Mehr Sicherheit im Internet โ€“ Google gibt fรผnf Sicherheitstipps zum Safer Internet Day


๐Ÿ“ˆ 26.96 Punkte

๐Ÿ“Œ Chrome 83: Enhanced Safe Browsing, Secure DNS, a Safety Check


๐Ÿ“ˆ 26.42 Punkte

๐Ÿ“Œ The Advantages of a More Secure and Safer Blockchain


๐Ÿ“ˆ 26.11 Punkte

๐Ÿ“Œ Tailscale, Mullvad partner to deliver secure, private web browsing


๐Ÿ“ˆ 26.1 Punkte

๐Ÿ“Œ Google Is Going To Make Browsing The Web On Your Mac Lot Safer


๐Ÿ“ˆ 25.68 Punkte

๐Ÿ“Œ Safer browsing coming soon to MacOS Chrome users


๐Ÿ“ˆ 25.68 Punkte

๐Ÿ“Œ Best Firefox Add-Ons For Safer Internet Browsing


๐Ÿ“ˆ 25.68 Punkte

๐Ÿ“Œ 5 Essential Tips for Safer Internet Browsing


๐Ÿ“ˆ 25.68 Punkte

๐Ÿ“Œ Best Mobile Proxies: Unlocking Faster and More Secure Mobile Browsing


๐Ÿ“ˆ 24.84 Punkte

๐Ÿ“Œ One tweak for a more pain-free Google Chrome browsing experience


๐Ÿ“ˆ 24.82 Punkte

๐Ÿ“Œ More private browsing? Firefox gets tougher on cookie tracking with new 'total' protection


๐Ÿ“ˆ 24.72 Punkte

๐Ÿ“Œ The Complete DNS Guide - How To Change Your DNS + Cloudflare DNS


๐Ÿ“ˆ 24.33 Punkte

๐Ÿ“Œ InspIRCd up to 2.0.18 DNS PTR Response dns.cpp DNS::GetResult hostname denial of service


๐Ÿ“ˆ 24.33 Punkte

๐Ÿ“Œ Aufrรคumarbeiten im DNS: DNS Flag Day 2020 macht Druck fรผr TCP als DNS-Transportprotokoll


๐Ÿ“ˆ 24.33 Punkte











matomo