Cloudflare made the odd decision to announce their new encrypted DNS service on April Fools Day, however a week later has proved not to be a joke as it is still up and running. Even better, in the past week there has been huge amount of traffic through the new DNS and it has proved to be stable and quick. If you are looking for a way to prevent your online traffic to be tracked via your DNS requests then consider updating your settings on your PC or router to use the new DNS, though be aware some ISPs get twitchy when you move off of their DNS servers and may do interesting things to your service. If you are curious about DNS encryption and why you might want to use it you should check out Ars Technica's write up here.
"While executed with some unique Cloudflare flare, 126.96.36.199 isn't the first encrypted DNS service by any means—Quad9, Cisco's OpenDNS, Google's 188.8.131.52 service, and a host of smaller providers support various schemes to encrypt DNS requests entirely. But encryption doesn't necessarily mean that your traffic is invisible; some encrypted DNS services log your requests for various purposes."
Here is some more Tech News from around the web:
- Microsoft Office 365 and Azure Active Directory go TITSUP* @ The Register
- Windows Mail has started nagging some users to upgrade to Office 365 @ The Inquirer
- T-Mobile Austria stores passwords as plain text, Outlook gets message crypto, and more @ The Register
- Upgrade Your Mac With A Touchscreen, For Only A Dollar @ Hack a Day
- Microsoft open sources File Manger to give Windows 10 a whiff of the 90s @ The Inquirer
- Nvidia is killing off GeForce driver support for 32-bit OSes @ The Inquirer
- Jackrabbot : The Robot That Learns From Human Behaviour @ TechARP
Cloudflare’s DNS isn’t
Cloudflare’s DNS isn’t encrypted, although they support the main three potentially viable protocols for DNS encryption (DoH, DNS over TLS, and DNSCrypt) – actually implementing them on the client side for a typical user is a nightmare, at this point. Other DNS provider support some combination of these protocols as well (Quad9, OpenDNS) and have been around longer, although Cloudflare may be the only one supporting all of them, in addition to DNSSEC too. Anyway… my point was that calling it an “encrypted DNS service” is a misnomer.
It is a shame setting DNS
It is a shame setting DNS encryption is hard and gives a large number of issues. Hope/pray this will change in the coming years.
But I think it will not, as there are not really any big players this will give an advantage to. Maybe Apple will start providing an encryptic DNS service and set it as the standard/option on their iOS and MACs.
They are compatible with it,
They are compatible with it, so in essence they are offering it. That you have to configure it yourself instead of having it automatically configured doesn't mean they don't offer encryption. Thus the link to Ars for the actual story in my quick news post.