[ad_1]
Thanks to a In recent years, led by Google and others, encrypted HTTPS connections protect more data than ever when they flow between web servers and browsers. But another fundamental component of Web browsing is too often unencrypted: Domain Name System (DNS) connections that act as Internet address lookups.
In Android 9, also known as Android Pie, Google added a feature called Private DNS to start encrypting DNS on mobile. But for all Android devices that will not benefit from an operating system upgrade for some time, Alphabet's subsidiary Jigsaw is launching a free mobile app called Intra that can offer that extra layer of web protection to billions of mobile browsers around the world.
To find the site you are looking for, web browsers first connect to a DNS server, essentially an address book that searches for the site you want and tells your browser how to get there. . But since this DNS connection is often unencrypted, attackers can find ways to steal your browsing data or force your computer to connect to stale DNS servers leading you to fake malicious sites. DNS manipulation can even be used as a form of censorship, redirecting traffic from certain sources of information or effectively blocking sites.
"DNS protection is important around the world, but especially in places where freedom of expression is not adequately protected," said Ben Schwartz, a software engineer at Jigsaw. "These are also places where users can not buy the latest and greatest devices, but we want to make sure they're protected as much as possible. Intra takes over this private DNS feature introduced in Android 9 and makes it available on all Android phones made in the last seven years. "
Journalists in China or activists in Iran may be the first to seize the opportunity to use these protections, especially if they have older phones, but Jigsaw hopes to educate everyone about it. need to preserve the confidentiality of the DNS. To use Intra, simply download and activate it. From there, it automatically runs in the background to encrypt your DNS traffic. Similarly, to use the private DNS feature on Android 9, you can access Settings> Network and Internet> Advanced> Private DNS.
Android Pie implements the feature with an encryption protocol called DNS over TLS, while Intra uses a newer protocol called DNS over HTTPS. Both protocols are efficient and closely related, but Intra uses the latest version for maximum flexibility and compatibility with all networks and devices. Android Pie users can download and use Intra if they wish to have more choices or they find that the application integrates more seamlessly into their browsing.
"This is especially important in places where freedom of expression is not adequately protected."
Intra and private DNS also allow users to choose the DNS service that they wish to use. This is where Intra can connect to other efforts to protect the privacy of DNS. An example is the DNS 1.1.1.1 resolver of Cloudflare Internet Infrastructure Company, which is encrypted and does not store or track user data. In recent years, a number of organizations have identified DNS manipulation as a growing threat and have launched private DNS resolver services to encrypt more DNS traffic. Some classic projects include the Cisco OpenDNS project launched in 2006 and Google's 8.8.8.8 in 2009. However, while DNS is becoming a priority for attackers, other organizations such as Mozilla have taken additional steps this year.
The insecurities in the DNS are, however, integrated with the fundamentals of the Internet and it is complicated to make improvements. Jigsaw developers have found that upgrading Intra to run on older versions of Android was a challenge. "We found new creative ways to use the existing APIs found in Android since Android 4.0," Schwartz said. "It was kind of a puzzle where we said," We have this new feature that we've been able to integrate into Android. Is there a way to make it also available on phones where we can no longer improve the operating system? "
In a sense, the goal of Intra is to become obsolete by raising awareness of the need to incorporate DNS privacy features into operating systems and web services. Jigsaw says it has seen a lot of latent demand for the service. Jigsaw has tested Intra in the country, partly inspired by a recent report from the Open Observatory on Network Interference, documenting that DNS manipulation was used to censor news organizations in Venezuela. "We had initially tested Intra in Venezuela, where we had heard and found that DNS manipulation was frequently used to suppress journalism and political activism," says Jigsaw Product Manager Justin Henck. "From this very small test, Intra has spread word-of-mouth to reach thousands of users around the world, which shows that there is a high demand and that the DNS manipulation is a global problem that people are trying to protect themselves from. "
Jigsaw can potentially reach billions of users via Android, but it will have to be part of a concerted move of the industry to make for DNS what has already been done with HTTPS.
Biggest cable stories
Source link
