Android, the world’s most popular mobile operating system, will soon enable a security protocol that helps keep internet service providers (ISPs) from spying on users. “DNS over TLS” adds a layer of encryption to your DNS requests, making them (mostly) inaccessible to your ISP.
A DNS server, or domain name server, translates the website address in a URL you enter in the address bar into the IP address the computer recognizes when serving the actual website. Web addresses (like thenextweb.com) are nothing more than window dressing for ease-of-use.
When a user types in a URL, it’s converted behind the scenes to an IP address. Your computer then uses this IP address to request the files from the server, thus allowing you to view the website. This happens in nanoseconds, and the average user is none the wiser that it’s even taking place.
Unfortunately, these conversions happen in plaintext, giving anyone who’s snooping on your network a view of all the sites you’re visiting.
Using current methods, the requests travel over plain UDP or TCP, not the more secure TLS. When Android makes the switch, you’ll get the same results, only now with HTTPS-level security. That is to say, snoops now know when you’ve connected to a website, but not which one. Pornhub, for example, is the same as Gmail. Or, it is for the person spying on you. You’ll still have to live with the fact you’re watching Pokemon Go porn (safe-ish for work).
It’s not fool-proof. ISPs can, for example, see your browsing history if your DNS provider doesn’t support TLS. But, there are always free alternatives, like Google DNS, which does offer the protocol. Also, your DNS provider can still see your browsing history, which is still better than your ISP seeing it, but not 100 percent private, either.
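The plaintext lookup and its TLS-wrapped form described above, as an added example that is not part of the original article: it builds a DNS query for thenextweb.com, shows that the name can be read straight out of the unencrypted payload, and frames the same message for DNS over TLS. The function names are hypothetical, and the resolver address and certificate name (8.8.8.8, dns.google, for Google Public DNS) are assumptions.

```python
import socket
import ssl
import struct

def build_query(hostname, txid=0x1234):
    """Encode a standard DNS A-record query in RFC 1035 wire format."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in hostname.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def observed_name(payload):
    """Recover the queried name from a plaintext port-53 payload, as any
    on-path observer (ISP, Wi-Fi operator) can. Queries carry no name compression."""
    labels, pos = [], 12  # the question section follows the 12-byte header
    while payload[pos] != 0:
        length = payload[pos]
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    return ".".join(labels)

def dot_frame(query):
    """DNS over TLS (RFC 7858) carries the same message, prefixed with a
    2-byte length, inside a TLS session on port 853."""
    return struct.pack("!H", len(query)) + query

def resolve_over_tls(hostname, server_ip="8.8.8.8", server_name="dns.google"):
    """Send the query over TLS and return the raw DNS response. Needs network
    access; the resolver address is an assumption (Google Public DNS)."""
    ctx = ssl.create_default_context()  # validates the resolver's certificate
    with socket.create_connection((server_ip, 853), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=server_name) as tls:
            tls.sendall(dot_frame(build_query(hostname)))
            reader = tls.makefile("rb")
            (length,) = struct.unpack("!H", reader.read(2))
            return reader.read(length)

if __name__ == "__main__":
    query = build_query("thenextweb.com")  # constructed sample query
    print("plaintext UDP payload:", query)
    print("observer recovers    :", observed_name(query))
    print("DoT frame prefix     :", dot_frame(query)[:2].hex())
```

Only `resolve_over_tls` touches the network; on the wire its traffic is a TLS session to port 853 on the resolver, so the queried name is visible to the resolver but not to someone watching the link.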
If you really want privacy, our suggestion has always been to get a VPN. Just do some research first to make sure your VPN really is private.
According to several commits on the Android Open Source Project (AOSP), the feature may arrive in Android 8.1.