In a move touted as boosting privacy and security, Google
on Tuesday rolled out a relatively new encryption technology for domain name look-ups.
The technology, called “DNS over HTTPS,” uses a secure protocol to communicate with the
Domain Name System -- often described as a phone book for the web. The Domain Name System translates the addresses typed into a URL bar into IP addresses.
The Chrome 83 browser will now use
that protocol by default for users if their current Domain Name System provider supports it. Providers that support the encryption
currently include Comcast, Cloudflare, OpenDNS and Google Public DNS. People who don't want the setting will
be able to disable it.
advertisement
advertisement
The new technology will help “prevent attackers from observing what sites you visit or sending you to phishing websites,” Chrome product manager Kenji
Baheux wrote in a blog post Tuesday.
Google adds that encrypting domain name lookups will also enable
Chrome to protect users' privacy, particularly if they are sharing an internet connection. “Chrome can talk to the DNS service provider over an encrypted channel which means that attackers can
no longer rely on DNS to observe which websites other users are visiting when sharing the same connection, e.g. public WiFi in a library,” Baheux wrote.
Google's move comes three months
after Mozilla's Firefox browser also began encrypting domain name lookups.
Consumer advocacy groups including Electronic Frontier Foundation, Consumer Watchdog and National Consumers League
have endorsed the shift toward encrypted domain names. The organizations told Congress last year that the encryption technology would combat
“a situation in which all sorts of sensitive user data were exposed to an enormous range of eavesdroppers.”