Google launched DNS over HTTPS yesterday with the release of Chrome 83 Stable to the public. The company calls the service Secure DNS.
What is it used for? DNS lookups are not encrypted by default. This means that DNS can be used to track web pages that a user opens on the internet. In addition, since it is not encrypted, malicious users can exploit it for many unpleasant purposes for the end user.
DNS over HTTPS tries to address this issue by encrypting DNS lookups. It uses HTTPS for them and this means that lookups are more secure and private. So DNS lookups can no longer be used to monitor a user's activity on the Internet and malicious users can no longer handle their attacks.
Of course, like we mentioned a few days ago, the latest Windows 10 Insider Builds support DNS over HTTPS at the operating system level. This means that all applications connected to the Internet will be protected.
Google has decided to implement DNS over HTTPS in Chrome without interfering with a system's existing DNS settings. Using DNS over HTTPS in Chrome is hardcoded in the browser.
Chrome continues to allow normal (non-encrypted) connections if problems are encountered with DNS lookups and will not use Secure DNS at all if parental controls are enabled on Windows systems or if certain Enterprise policies are set.
If you use Chrome you can enable DNS over HTTPS immediately. But it can take weeks or even months to reach certain devices.
If you do not want to wait that long, do the following to enable Chrome now (restrictions still apply):
Open the internal chrome address: // flags / # dns-over-https and set the flag to "Enabled".
Then restart Chrome
You may need to change the DNS servers on the device, as they should support Secure DNS. Google DNS, Cloudflare, Quad9 and Cleanbrowsing support Secure DNS.
Google plans to bring more Settings for the new feature. When it does we will see them in chrome: // settings / security. There is currently only one new option to enable or disable Secure DNS.