Apple and Cloudflare collaborate to build a new privacy-focused internet protocol


Apple and Cloudflare have teamed up to build a new internet protocol aimed at preventing internet providers from tracking users across the web, according to TechCrunch.

The new protocol, called Oblivious DNS-over-HTTPS (ODoH), will fix one of the biggest holes in internet privacy, say Apple and Cloudflare engineers.

When you visit a website, your browser performs a DNS lookup that converts the domain name you enter into an IP address that computers can read. These IP addresses are used to locate a website on the internet. This process isn’t encrypted, meaning ISPs can snoop on the lookup and determine which website you’re visiting. Later, the ISP can sell this data to advertisers, who can use it to serve intrusive ads across the web.

According to TechCrunch:

“Recent developments like DNS-over-HTTPS (or DoH) have added encryption to DNS queries, making it harder for attackers to hijack DNS queries and point victims to malicious websites instead of the real website you wanted to visit. But that still doesn’t stop the DNS resolvers from seeing which website you’re trying to visit.”

That’s where the new ODoH protocol that Apple and Cloudflare are developing comes into play. It separates DNS queries from the internet user, making it extremely difficult for a DNS resolver to determine which sites you visit.

“Here’s how it works: ODoH wraps a layer of encryption around the DNS query and passes it through a proxy server, which acts as a go-between the internet user and the website they want to visit. Because the DNS query is encrypted, the proxy can’t see what’s inside, but acts as a shield to prevent the DNS resolver from seeing who sent the query to begin with.”
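The split of knowledge described above can be traced in a short simulation. This is an added example, not code from the article, Apple or Cloudflare: a toy Diffie-Hellman scheme stands in for the HPKE public-key encryption that real ODoH uses, only the query direction is shown, and all function names and addresses are hypothetical.

```python
import hashlib
import secrets

# Toy Diffie-Hellman + SHA-256 keystream: a stand-in for the HPKE encryption
# real ODoH uses. NOT secure; it only keeps the example standard-library only.
P = 2**255 - 19  # prime modulus
G = 2

def _keystream(shared: int, n: int) -> bytes:
    blocks = (hashlib.sha256(shared.to_bytes(32, "big") + bytes([i])).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _xor(data: bytes, key: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, key))

def seal(target_pub: int, plaintext: bytes):
    """Client side: encrypt to the target resolver's public key."""
    eph = secrets.randbelow(P - 2) + 1
    shared = pow(target_pub, eph, P)
    return pow(G, eph, P), _xor(plaintext, _keystream(shared, len(plaintext)))

def unseal(target_priv: int, eph_pub: int, ciphertext: bytes) -> bytes:
    """Target side: recover the query with the private key."""
    shared = pow(eph_pub, target_priv, P)
    return _xor(ciphertext, _keystream(shared, len(ciphertext)))

def run_exchange(client_ip: str, proxy_ip: str, qname: str):
    """Return what the proxy and the target resolver each get to see."""
    target_priv = secrets.randbelow(P - 2) + 1
    target_pub = pow(G, target_priv, P)  # published by the target in advance

    # 1. Client encrypts the query and sends it to the proxy.
    eph_pub, sealed = seal(target_pub, qname.encode())
    proxy_view = {"source_ip": client_ip, "payload": sealed}

    # 2. Proxy forwards the opaque payload; the target sees the proxy's address.
    query = unseal(target_priv, eph_pub, sealed).decode()
    target_view = {"source_ip": proxy_ip, "query": query}
    return proxy_view, target_view

if __name__ == "__main__":
    # Constructed sample values (documentation address ranges).
    proxy_view, target_view = run_exchange("192.0.2.10", "198.51.100.7", "example.com")
    print("proxy sees :", proxy_view)
    print("target sees:", target_view)
```

The proxy's view holds the client address but only ciphertext, while the target's view holds the query but only the proxy's address; the privacy property depends on the two not sharing what they see.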

Cloudflare’s Head of Research, Nick Sullivan, says that a few partner organizations are already running proxies through Cloudflare’s existing DNS resolver. However, he mentions that it could take a while before the new protocol gets implemented within browsers and operating systems. It could take years before that happens.