In a statement, Cloudfler announced the development of a new standard for DNS, saying that this standard is the result of a partnership with Apple. Klafler says the DNS standard seeks to address the shortcomings of previous standards in Internet privacy.
The new protocol stands for Cloudfeller and Apple ODoH It’s called Oblivious DNS over HTTPS, and it takes steps to anonymize the information that is sent to the website before it enters. Whether or not the ODoH protocol can help maintain privacy on the Web is a question we will examine below; But first we need to get acquainted with how DNS works so that we can better understand the additional features of the Cluffler and Apple protocols.
Basically, DNS allows us to browse the web site without having to remember the IP address. We humans can easily understand phrases like zoomit.ir or zoomg.ir; But the computer uses the IP address (such as 22.214.171.124) to log in to websites and process various user requests.
This is exactly where DNS comes into play: When you type a website name into your browser’s search box, the computer asks the DNS server, which is usually managed by your ISP, to translate a phrase like zoomit.ir into the actual IP address of the website. The DNS server redirects the IP address to the browser so that the computer can access the destination website.
Keep in mind that this process is much more complicated than expected, and in the meantime, several things happen to get to the website; However, we tried to provide a simple explanation so that you can better understand what the situation is.
The ODoH protocol creates a proxy server between the user and the DNS server
If you are concerned about privacy, you probably know how DNS works in a way that lets the DNS server manager know what websites you are accessing. The server administrator can even monitor your website activity. As mentioned, servers are usually managed by an Internet service provider, and various reports indicate that these companies sell users’ personal data to advertising companies for profit. Cloudfar and Apple plan to take steps to address this issue through ODoH.
The main function of the ODoH protocol is to add a proxy server to the equation. In fact, ODoH creates a proxy server between you and the DNS server. Here, the proxy appears as the interface; That is, it sends your requests to the DNS server and also notifies you of the DNS response. The important point is that thanks to the addition of a proxy server, DNS does not even know who registered the request.
Of course, keep in mind that adding a proxy server can take the problem to another level. The proxy server knows the details of the request and knows that you have registered that request. What causes the proxy server to not store the exact details of the websites you have visited? At this point, the DNS over HTTPS or DoH port of the ODoH protocol takes effect.
The DoH standard has been in use for several years; But studies show that it is not yet widely used. DoH uses an encryption system to make sure that only the DNS server reads your requests. Using DoH and then redirecting it to the proxy server, you will eventually have access to the proxy server, which cannot read the request details. You will also have a religion that does not know where the request came from.
The process we have described begs the question: Can all of this protect your privacy? Note that using ODoH means that the DNS server cannot store the list of websites that you are specifically visiting; But if you hope to hide your web browsing information from your ISP, ODoH or similar technologies like DNSCrypt Anonymized DNS may not be enough.
ISPs can still route all your other traffic, which means that hiding DNS will not prevent these companies from creating a profile for you.
An important fact to keep in mind is that using one tool can not be completely secure in the web. Analysts believe that staying safe on the Web is a way of life that may not be available in the real world. However, anonymizing DNS requests can increase the strength of the wall you have drawn around to keep it secure.
Cloudfler says it has made it possible to transfer ODoH requests to the DNS service 126.96.36.199. However, in order to access this feature, you must wait for the appropriate update to be released for your browser or operating system. The update release process may take some time. DoH, for example, was approved in 2018 and is now only enabled by default in the US version of Firefox.
If you want to use the ODoH protocol sooner than the rest, it is better to go to Firefox; Because Mozilla’s chief executive has expressed interest in the new Cloudfler and Apple protocols. You can read more about the ODoH protocol by visiting the official Klafler website.