Future-Proofing Cybersecurity After DNS-over-HTTPS
By Rick Deacon on March 9, 2020
Internet browser security is changing — and fast. In the last few weeks, internet users in the United States noticed that Firefox now defaults to something called DNS-over-HTTPS or DoH , for short. Google Chrome and other browsers might follow suit.
DoH is a relatively new security protocol that improves privacy by hiding domain name lookups from someone nefarious on public WiFi, local networks, and even your ISP. When enabled, DoH ensures that your ISP can't collect and then sell all the personal info that's related to your browsing behavior.
Here's everything you wanted to know about DoH but were too afraid to ask.
What Is DoH, Exactly?
In recent years, there has been a general shift toward encryption on the internet. Most browsers use HTTPS encryption, and Google Chrome marks sites that still use the old HTTP standard as "not secure." However, there's an even newer technology out there, and it's called DoH. Currently, you can find it as an option in Google Chrome and the default in Firefox.
"This encryption ensures that no one can tamper with a web page while you're viewing it or snoop on what you're doing online," says HowToGeek. "For example, if you connect to Wikipedia.org, the network operator — whether that's a business's public Wi-Fi hotspot or your ISP — can only see that you're connected to wikipedia.org. They can't see which article you're reading, and they can't modify a Wikipedia article in transit."
With DoH, your computer system makes an encrypted connection to your DNS server and transfers the request over that same connection. This means that everyone in between won't be able to see the domain names that you're looking at. As you can see, DoH certainly adds a new layer of security to your browsing experience...
DoH Is a Good Thing, Right?
It goes without saying, then, that DoH is certainly a good thing for private individuals as it gives them more privacy when browsing the internet. However, this new tech could have a significant impact on businesses that rely on browsing information to tailor products and services to consumers.
There has also been a concern that DoH can stop schools from monitoring young people's web activity, which is essential in keeping them safe.
The problem is, DoH will "break" a lot of the cybersecurity solutions that many companies rely on to collect valuable (and legal) information from consumers. Proxy solutions, for example, which some companies use to limit the impact of SSL, could prove useless.
Is There Another Solution?
It's important to note that, when implemented correctly, DoH is definitely a good thing for privacy. However, many companies will try and get around this technology by changing their infrastructure or breaking security protocols. They do this because DoH, while useful, places limits on the valuable information they need for sales, marketing, and other vital business functions.
There is an alternative.
Airlock provides the same type of "unencryption" as before DoH. but it doesn't change your infrastructure or break security protocols. Essentially, you can have the best of both worlds.
With Apozy's Airlock, you can get the information you need _and _protect the privacy of consumers online.
Founded in April of 2014 in San Francisco, we are a venture-backed motley crew of passionate hackers building cybersecurity technologies to make the world's information faster, cleaner and safer to access.