Cloudflare and Apple's Latest "Oblivious" Protocol May Eliminate Telecom Surveillance
In the digital age, concerns about online privacy have become increasingly prevalent. One area that has long been a subject of debate is the Domain Name System (DNS), which is responsible for translating web addresses into IP addresses during web browsing. A new development, Oblivious DNS-over-HTTPS (ODoH), aims to enhance the DNS system's security and privacy.
The core concept of ODoH is to insert an additional step between the user and the DNS resolver so that the user's IP address stays hidden from the resolver. This additional step, referred to as a "proxy," relays queries on the user's behalf, and it is "oblivious" because it hides the user's IP address from the resolver.
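The split of knowledge described above, as an added Go example (not code from the article or from Cloudflare's implementations): the proxy sees the client's address but only ciphertext, while the resolver sees the question but only the proxy's address. RSA-OAEP stands in for the HPKE encryption that ODoH specifies, and the addresses, `proxyAddr`, and the `Request`, `NewTargetKey`, `Client`, `Proxy` and `Target` names are constructed for illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

const proxyAddr = "198.51.100.7" // constructed documentation address

// Request is what a hop receives: the sender's address and the message body.
type Request struct {
	Peer string // source address as seen by the receiver
	Body []byte // question encrypted to the target's public key
}

// NewTargetKey makes the resolver's key pair; clients need only the public half.
func NewTargetKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Client encrypts the DNS question to the target and hands it to the proxy.
// RSA-OAEP is a stand-in chosen for this example; ODoH itself uses HPKE.
func Client(ip string, target *rsa.PublicKey, question string) (Request, error) {
	body, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, target, []byte(question), nil)
	return Request{Peer: ip, Body: body}, err
}

// Proxy sees the client's address but only ciphertext, and forwards under its own address.
func Proxy(in Request) Request {
	return Request{Peer: proxyAddr, Body: in.Body}
}

// Target decrypts the question. The only address it sees is the proxy's.
func Target(priv *rsa.PrivateKey, in Request) (peer, question string, err error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), nil, priv, in.Body, nil)
	return in.Peer, string(pt), err
}

func main() {
	priv, err := NewTargetKey()
	if err != nil {
		panic(err)
	}
	toProxy, err := Client("203.0.113.25", &priv.PublicKey, "example.com. A")
	if err != nil {
		panic(err)
	}
	peer, q, err := Target(priv, Proxy(toProxy))
	fmt.Printf("proxy: %s + %d opaque bytes; target: %s asks %q (err=%v)\n", toProxy.Peer, len(toProxy.Body), peer, q, err)
}
```

The separation holds only while the proxy and the resolver are operated by parties that do not share their logs.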
Cloudflare, a company known for its privacy-centric DNS resolver and directory, 1.1.1.1, has been at the forefront of this initiative. In collaboration with Apple and Fastly, Cloudflare has announced plans to implement ODoH to prevent internet service providers (ISPs) from tracking web activity.
The development of ODoH was initiated by Cloudflare and Apple and was publicly announced in December 2019. Cloudflare's Head of Research, Nick Sullivan, stated that the DNS system was designed as a control system for the internet, which is why privacy has not been a primary consideration.
Currently, a few resolvers, including 1.1.1.1, 8.8.8.8, and 9.9.9.9, accept ODoH requests. However, widespread adoption is still a dream. The Electronic Frontier Foundation has pointed out that some adtech companies collect data from unnamed telecoms, and ISPs have been known to use query information for advertising purposes, with AT&T admitting that it may collect information like age and gender to deliver ads.
To address these concerns, several ISPs have vowed to provide an opt-out option, but this is often buried in jargon. For those who prioritise privacy, ODoH could be a beneficial solution in the near future.
Cloudflare views the lack of encryption and privacy in the DNS system as part of its larger mission to create a Magna Carta for the internet. To facilitate the development of ODoH, Cloudflare has open-sourced implementations of ODoH in both Go and Rust for developers who are confident in their skills.
In a world where data collection and privacy are hot topics, ODoH presents a promising step towards a more secure and private internet. With the support of companies like Cloudflare and Apple, and the growing awareness of privacy concerns, ODoH could become a standard practice in the near future.