Cloudflare Launches 1.1.1.1 Consumer DNS With A Focus On Privacy

I didn’t post this yesterday as it was April Fools’ Day and I didn’t want people to think this was a joke.

With that out of the way, Cloudflare, a company that focuses on protecting enterprises from things like DDoS attacks, has launched its 1.1.1.1 DNS service, which is its first consumer product. Here’s why you should care:

DNS itself is a 35-year-old protocol and it’s showing its age. It was never designed with privacy or security in mind. In our conversations with browser, operating system, app, and router manufacturers nearly everyone lamented that, even with a privacy-first service like 1.1.1.1, DNS inherently is unencrypted so it leaks data to anyone who’s monitoring your network connection. While that’s harder to monitor for someone like your ISP than if they run the DNS resolver themselves, it’s still not secure.

What’s needed is a move to a new, modern protocol. There are a couple of different approaches. One is DNS-over-TLS. That takes the existing DNS protocol and adds transport layer encryption. Another is DNS-over-HTTPS. It includes security but also all the modern enhancements like supporting other transport layers (e.g., QUIC) and new technologies like server HTTP/2 Server Push. Both DNS-over-TLS and DNS-over-HTTPS are open standards. And, at launch, we’ve ensured 1.1.1.1 supports both.

We think DNS-over-HTTPS is particularly promising — fast, easier to parse, and encrypted. To date, Google was the only scale provider supporting DNS-over-HTTPS. For obvious reasons, however, non-Chrome browsers and non-Android operating systems have been reluctant to build a service that sends data to a competitor. We’re hoping that with an independent DNS-over-HTTPS service now available, we’ll see more experiments from browsers, operating systems, routers, and apps to support the protocol.

The fact that Cloudflare assures that your browsing habits will be kept private is important. ISPs, among others, desperately want to take your browsing data and make money off of it any way they can. Thus, if you factor in the repeal of net neutrality in the US, this is a perfect time for a service like this to launch. If you visit https://1.1.1.1/ you can get set up with this promising new DNS service. I’ll be trying it out and writing a follow-up on this in the coming days.

One Response to “Cloudflare Launches 1.1.1.1 Consumer DNS With A Focus On Privacy”

  1. […] a troubleshooting step, I removed the Cloudflare DNS service that I had been using instead of my ISP’s DNS service and replaced it with the DNS service […]
