Communications of the ACM
A Controversial Plan to Encrypt More of the Internet
A new movement to encrypt a fundamental Internet mechanism, promoted by browser heavyweights like Google Chrome and Mozilla's Firefox, has sparked a heated controversy.
The changes center around the Domain Name System. Google and Mozilla plan to encrypt DNS lookups sometime this year. Not everyone is convinced that the shift solves more problems than it potentially creates.
Since DNS requests are unencrypted, bad actors can manipulate them to strategically send a user to the wrong website. It's like listing an address under someone else's name, and getting all their packages delivered to your door. This type of attack, known as DNS hijacking, has been on the rise. In January, the U.S. Department of Homeland Security issued an emergency directive about the threat.
Which explains the push for encrypted DNS: It would make those types of surveillance and misdirection much harder.
Adding a layer of encryption to DNS requires some systemic rejiggering. Secure DNS protocols rely on intermediaries called "resolvers." Mozilla has piloted its encrypted DNS with the Internet infrastructure company Cloudflare acting as the main resolver.
That centralization of DNS requests worries detractors.
From Wired
View Full Article
No entries found