Skip to main content

Google addresses ‘misconceptions’ about Chrome’s encrypted DNS push

Last month, Google announced a plan to encrypt DNS — or DNS over HTTPS (DoH) — in Chrome. In the United States, this was met with criticism from Internet Service Providers for limiting monitoring capabilities, but supported by privacy activists. Google today is pushing back against “misconceptions” regarding its rollout.

Whenever you type a URL into your browser (for example “redcross.org”), this information is sent to a domain name system (DNS) provider that converts that request into the unique numerical “IP address” (e.g. 162.6.217.119) that identifies websites on the Internet.

The current lack of encryption when browsers make requests to DNS providers means that others could track what sites you’re visiting or maliciously redirect you to another page. Chrome and other browser solutions involve secure DNS connections with DNS-over-HTTPS.

Google starts by noting that it is not changing a user’s DNS provider to its own 8.8.8.8 service. Rather, Chrome is just supporting those secure connections if you’re using a current provider that supports DoH.

Chrome will check if the user’s DNS provider is among a list of participating DoH-compatible providers and if so, it will enable DoH. If the DNS provider is not on the list, Chrome won’t enable DoH and will continue to operate as it does today.

Another concern has been how encrypted DNS in Chrome will interfere with parental controls offered by ISPs that block inappropriate websites. There should be no actual impact.

In fact, any existing content controls of your DNS provider, including any protections for children, should remain active. DoH secures the URL data only while it’s in transit between your browser and the DNS provider, so your provider’s malware protection and parental control features will continue to work as they have in the past.

So far, Chrome only has plans to roll out DoH support for 1% of users. Still an “experiment,” Google wants to monitor performance and reliability, while Chrome 79 will offer the ability to opt-out via a new flag: chrome://flags/#dns-over-https.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Check out 9to5Google on YouTube for more news:

Comments

Author

Avatar for Abner Li Abner Li

Editor-in-chief. Interested in the minutiae of Google and Alphabet. Tips/talk: abner@9to5g.com