Chrome for Android is switching to DNS-over-HTTPS (DoH), a protocol that encrypts DNS requests to help keep users safe and more private. This protocol prevents malicious actors from reading the content of your requests, or even redirecting your traffic.
Last May, Google launched Chrome 83 on PC, one of the main new features being the integration of DNS-over-HTTPS to secure the browsing of Internet users. The company has just announced the same functionality for users of the mobile version of its browser. An update to chrome 85 for Android will introduce the option in the coming days.
Chrome: how does DNS encryption work?
When you enter a web address in Chromium or any other your browser, this is converted to its IP version which is the only one capable of being interpreted by machines. The role of the DNS server is to manage the correspondence between the IP address of a website and the associated domain name each time a user makes a request. However, until now the DNS has remained unencrypted unlike HTTPS, the secure version of HTTP.
HTTPS helps you browse or transact the web without worrying about your credit card data or personal information being stolen by hackers, even when using a public WiFi connection. The rDNS queries are however carried out in clear, which poses a real problem for confidentiality and security by favoring man-in-the-middle attacks.
Clearly, a malicious actor can intercept the content of DNS requests to redirect Internet users' traffic, which gives free rein to all kinds of manipulation. Thanks to DNS-over-HTTPS, requests are encrypted, which greatly limits the risk of attack exploiting the weaknesses of traditional DNS. Chrome 85 introduces this encryption to Android.
Google Chrome will automatically switch to DoH if your ISP supports it. One thing to note, however, is that Google does not force the use of its 220.127.116.11 DNS. " By using this approach, we can retain all of the services offered by your DNS service provider, such as parental controls, and thus avoid breaking user expectations ”, explains Google on its site. The deployment of DNS encryption on the mobile version of Chrome will be phased in over the coming weeks.