New Breakthroughs in Online Security – Securing The Internet’s Address Book
The rise of hacking, identity theft, and malicious snooping has threatened personal and financial harm to private citizens and businesses alike, prompting industry to commit vast resources to improving online security. Despite these efforts, one aspect of Internet activity has remained particularly vulnerable: the act of accessing websites themselves. Today, the vast majority of users’ visits to websites using the Domain Name System (DNS), the “address book” for the Internet, are sent in unencrypted plaintext. Efforts to remedy this insecurity are now being explored by major web browsers.
Outside of the DNS system, considerable strides have been made to secure Internet communications from attack. Companies have designed new tools and services to make security the default for Internet users in order to ensure a safe and trustworthy online experience. For example, many websites are providing additional security for account log-in verification by enabling two-factor authentication. Additionally, the number of websites that use HTTPS to encrypt Internet traffic against eavesdropping and tampering has increased substantially in recent years. However, these positive developments have not increased security at the Internet’s “address book” level, which is why security experts have developed DNS over HTTPS, a new tool to better secure information about the websites users visit.
DNS over HTTPS: Securing Internet Addressing Information
In the perpetual cat-and-mouse game of information security, new tools and best practices are continually emerging. DNS over HTTPS (affectionately known as ‘DoH’) is the latest development, spearheaded by the Internet’s non-profit open standards development organization, the Internet Engineering Task Force. DoH is aimed at bringing the Internet’s addressing system up to the security standards that Internet users now expect. With DoH, more of users’ website browsing information is included within protected HTTPS transmissions. The DoH protocol is best explained by examining its constituent acronyms:
- Domain Name System (DNS): The public address book for the Internet that translates website domain names (such as www.congress.gov) into the corresponding Internet protocol (IP) address (such as 18.104.22.168) that a computer uses to access the website. Visiting a website requires a user’s device to send a query through different servers that make up the Domain Name System to locate and connect to the desired website.
- HyperText Transfer Protocol Secure (HTTPS): A method for securely sending and receiving data between a browser and a website using encryption.
Historically, DNS queries have been transmitted in unencrypted plaintext and have thus been vulnerable to third-party interception (more on that later). DoH confronts this longstanding insecurity by transmitting DNS website address lookups through the encrypted HTTPS protocol in order to allow users to more securely browse the Internet.
Benefits of DoH
The implementation of DoH stands to dramatically increase the security of Internet users. Under the current insecure DNS address system, any person working on a laptop at their favorite coffee shop using the store’s WiFi is potentially exposing the websites they visit to anyone else using that network. Furthermore, bad actors sitting on that network could interfere with the Internet’s addressing system by redirecting users to malicious websites. These rogue sites may attempt to infect a user’s computer with malware or trick the user into submitting login credentials, opening users up to identity theft or account takeovers. Encrypting the use of the Internet’s address book would block these types of interference.
DoH can also provide serious privacy benefits to consumers. Unencrypted DNS queries may be visible to multiple third parties including a user’s Internet Service Provider (ISP), servers operating the DNS address book, and other parties on a user’s WiFi network. Even if the majority of browsing traffic is protected by HTTPS, knowing what website an individual is searching for could reveal sensitive personal information. For example, simply knowing that a user visited a website for a medical condition support group or a divorce attorney could reveal sensitive details about that individual’s private life.
The dangers posed by the insecurity of the current DNS system are by no means conjectural. For example, in February 2019, amid an ongoing economic crisis and political conflict in Venezuela between Hugo Chavez’s successor Nicholás Maduro, and the U.S.-recognized opposition leader Juan Guaidó, Guaidó called for volunteers to assist with coordinating distribution of international humanitarian aid by registering with a website. CANTV, the state-controlled ISP, exploited the insecure nature of DNS by silently redirecting queries for the volunteer website to a Maduro administration-connected clone site, which collected the names and contact information of potential political dissidents. Volunteers who visited the malicious site later had their personal information doxxed. The ability to securely send DNS queries through DoH would severely limit the ability for nation states and hackers to carry out these types of spoofing attacks.
Additional Considerations for DoH Implementation
Recently, both Mozilla and Google have been running experiments to test how DoH could be implemented on their respective browsers, Firefox and Chrome. Mozilla appears further along in the rollout of this security feature, having recently announced plans to gradually enable DoH in partnership with resolvers who have agreed to their DoH resolver policy, which outlines privacy and security practices the resolver must promise to abide by. Meanwhile, Google is planning to run an experiment for enabling DoH in collaboration with a handful of DNS providers that already support the protocol.
Some ISPs and cable providers have objected to these new security features, arguing that DoH would interfere with content controls or threaten the decentralized nature of the Internet. Generally, complaints appear to be driven largely by ISPs’ concerns of losing the current ability to monitor and monetize individuals’ DNS queries. As Ars Technica reports, some of these assertions have misunderstood whose DNS service Chrome users will use by default. Network operators have also raised technical considerations about the appropriate implementation of DoH, stating for example that they use the current DNS infrastructure to monitor unencrypted DNS queries in order to implement parental control systems. This is why Mozilla and Google have committed to working with stakeholders throughout the Internet ecosystem to ensure that any implementation of DoH is smooth and matches user preferences.
As shown, DoH has the potential to address a longstanding and serious insecurity in the fundamental architecture of the Internet that has gone largely unaddressed by ISPs and other hosts of the DNS system. Offering users DoH security capabilities for their browsing activity will create a new dimension for vibrant competition in the online marketplace between DNS providers, a service now mostly dominated by local ISPs. The browsers and DNS providers exploring ways to implement DoH seek to fill a critical security gap and, if successful, will significantly further the pro-consumer, pro-security posture of the Internet.