Εταιρείες όπως η Microsoft, η Google και η Mozilla προωθούν το DNS μέσω HTTPS (DoH). Αυτή η technology θα κρυπτογραφήσει τις αναζητήσεις DNS, βελτιώνοντας το on-line απόρρητο και την ασφάλεια. Αλλά είναι αμφιλεγόμενο: Η Comcast ασκεί πιέσεις εναντίον της .
Here's what you need to know.
What is DNS Over HTTPS?
The web promotes encryption of all by default. At this point, most of the sites you access are likely to use HTTPS encryption. Modern web browsers like Chrome now mark any website that uses standard HTTP as "unsafe". HTTP / 3, the new version of the HTTP protocol, has encryption.
Αυτή η κρυπτογράφηση διασφαλίζει ότι κανείς δεν μπορεί να παραβιάσει μια by clicking here while watching her or watching what you do online. For example, if you connect to Wikipedia.org, your network administrator — whether it's a business public Wi-Fi hotspot or your ISP — can only see that you're connected to wikipedia.org. They can't see which article you're reading, and they can't modify a Wikipedia article in transit.
But in promoting encryption, DNS is lagging behind. The domain name system makes it possible to connect to websites through their domain names and not by using numeric IP addresses. Enter a domain name such as iguru.gr and your system will contact the configured DNS server to obtain the IP address associated with iguru.gr. It will then connect to this IP address.
Μέχρι τώρα, αυτές οι αναζητήσεις DNS δεν έχουν κρυπτογραφηθεί. Όταν συνδέεστε σε έναν ιστότοπο, το σύστημά σας απενεργοποιεί ένα αίτημα λέγοντας ότι αναζητάτε τη διεύθυνση IP που σχετίζεται με κάποιο domain. Όλοι οι ενδιάμεσοι – πιθανώς ο πάροχος υπηρεσιών Internet σας, αλλά ίσως και μόνο μια δημόσια κυκλοφορία σημείων πρόσβασης Wi-Fi hotspot – θα μπορούσαν να καταγράψουν σε ποια domains συνδέεστε.
Today, most people use DNS servers provided by their ISP. However, there are many third-party DNS servers such as Cloudflare 1.1.1.1 , the Google Public DNS and OpenDNS . These third party providers are among the first to enable it support διακομιστή για DNS μέσω HTTPS. Για να χρησιμοποιήσετε το DNS μέσω HTTPS, θα χρειαστείτε ένα διακομιστή DNS και έναν computer-πελάτη (όπως ένα πρόγραμμα περιήγησης ιστού ή ένα λειτουργικό σύστημα) που τον υποστηρίζει.
Who will support it?
Η Google και η Mozilla δοκιμάζουν ήδη το DNS μέσω HTTPS στο Google Chrome και στο Mozilla Firefox. Στις 17 Νοεμβρίου 2019, η Microsoft ανακοίνωσε ότι θα υιοθετήσει DNS μέσω HTTPS στη δικτύωση των Windows. Αυτό θα διασφαλίσει ότι κάθε εφαρμογή στα Windows θα έχει τα πλεονεκτήματα του DNS μέσω HTTPS.
You can also go to chrome: // flags / # dns-over-https to enable it.
In the current fixed version of Firefox today, you can go to Menu> Options> General, scroll down and click on "Settings" in the Network Settings area to find this option. Enable "Enable DNS via HTTPS."
Apple has not mentioned anything about DNS over HTTPS, but we expected it to follow the rest.
Why is Comcast Lobbying against it?
It sounds very controversial and it is. Comcast is obviously pushing to stop Google from deploying DNS over HTTPS because something will be lost.
In a Motherboard post, Comcast claims that Google is pursuing "unilateral plans" ("together with Mozilla") to enable DoH and "[collect] the majority of global DNS data in Google," which would mean "A fundamental change in the decentralized nature of Internet architecture. ”
Many of them are wrong. Mozilla's Marshell Erwin told Motherboard that "the allegations as a whole are extremely misleading and inaccurate." In a post on the company's blog, Chrome product manager Kenji Beaheux points out that Google Chrome will not force anyone to change their DNS provider. Chrome will work with your current system DNS provider, and if it does not support DNS over HTTPS, Chrome will not use DNS over HTTPS.
Since then, Microsoft has announced plans to support DoH at the Windows operating system level. So with Microsoft, Google and Mozilla embracing the new technology, it is not a "unilateral" plan by Google.
Some people think that Comcast does not like DoH because it can no longer collect DNS search data. However, Comcast said it was not spying on DNS searches. The company insists it supports encrypted DNS but wants a "collaborative solution across the technology community" rather than "unilateral action".
How will DNS Over HTTPS work?
With Comcast's weird objections, let's take a look at how DNS works via HTTPS. When DoH support is enabled in Chrome, Chrome will only use DNS over HTTPS if supported by the system's current DNS server.
In other words, if you have a provider like Comcast and refuses to support DoH, Chrome will work as it does today without encrypting DNS searches. If you have selected another DNS server (Cloudflare DNS, Google Public DNS, or OpenDNS), Chrome will use encryption to "speak" to your current DNS server, automatically logged in.
