In a move touted as boosting privacy and security, Google on Tuesday rolled out a relatively new encryption technology for domain name lookups.
The technology, called “DNS over HTTPS,” uses a secure protocol to communicate with the Domain Name System, often described as a phone book for the web. The Domain Name System translates the addresses typed into a URL bar into IP addresses.
The Chrome 83 browser will now use that protocol by default for users if their current Domain Name System provider supports it. Providers that support the encryption currently include Comcast, Cloudflare, OpenDNS and Google Public DNS. People who don't want the setting will be able to disable it.
The new technology will help “prevent attackers from observing what sites you visit or sending you to phishing websites,” Chrome product manager Kenji Baheux wrote in a blog post Tuesday.
Google adds that encrypting domain name lookups will also enable Chrome to protect users' privacy, particularly if they are sharing an internet connection. “Chrome can talk to the DNS service provider over an encrypted channel which means that attackers can no longer rely on DNS to observe which websites other users are visiting when sharing the same connection, e.g. public WiFi in a library,” Baheux wrote.
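The provider-dependent behavior described above can be sketched as follows. This is an added example, not code from Google or Chrome: the resolver table, the function names and the `udp53` label are assumptions made for illustration, and the request format is the DNS-over-HTTPS GET form from RFC 8484.

```python
import base64
import struct

# Illustrative resolver-IP -> DoH endpoint table (assumed for this example;
# the browser ships and maintains its own provider list).
DOH_UPGRADE_MAP = {
    "8.8.8.8": "https://dns.google/dns-query",
    "1.1.1.1": "https://cloudflare-dns.com/dns-query",
    "208.67.222.222": "https://doh.opendns.com/dns-query",
}

def build_dns_query(hostname: str, qtype: int = 1) -> bytes:
    """Encode a one-question DNS query (type A by default) in wire format."""
    # ID is 0 so identical queries are cacheable over HTTP; flags set RD=1.
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    qname = b""
    for label in hostname.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"invalid DNS label: {label!r}")
        qname += bytes([len(raw)]) + raw
    # Root label terminator, then QTYPE and QCLASS=IN.
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def doh_get_url(endpoint: str, hostname: str) -> str:
    """Build the HTTPS GET URL: base64url of the query, padding stripped."""
    wire = build_dns_query(hostname)
    encoded = base64.urlsafe_b64encode(wire).rstrip(b"=").decode("ascii")
    return f"{endpoint}?dns={encoded}"

def plan_lookup(system_resolver_ip: str, hostname: str) -> tuple:
    """Keep the user's provider: upgrade to DoH only if that provider has it."""
    endpoint = DOH_UPGRADE_MAP.get(system_resolver_ip)
    if endpoint is None:
        # No known DoH endpoint: the lookup stays on classic, unencrypted DNS.
        return ("udp53", system_resolver_ip)
    return ("doh", doh_get_url(endpoint, hostname))

if __name__ == "__main__":
    # Constructed inputs: one resolver in the table, one documentation address.
    print(plan_lookup("8.8.8.8", "www.example.com"))
    print(plan_lookup("192.0.2.53", "www.example.com"))
```

In the upgraded case the hostname travels only inside the TLS-protected request, so someone on the same network sees a connection to the DNS provider rather than the name being resolved.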
Google's move comes three months after Mozilla's Firefox browser also began encrypting domain name lookups.
Consumer advocacy groups including the Electronic Frontier Foundation, Consumer Watchdog and the National Consumers League have endorsed the shift toward encrypted domain name lookups. The organizations told Congress last year that the encryption technology would combat “a situation in which all sorts of sensitive user data were exposed to an enormous range of eavesdroppers.”