Most of the traffic on the web is encrypted. And more websites are adopting basic encryption measures every day. That means that, in theory, eavesdroppers have a hard time seeing whom you’re writing to on Gmail or what you’re looking up on Wikipedia.
But there’s a catch. Big sites like Google and Facebook can see what links you click from their services, and use tracking cookies to follow you around the web. Various tools can help you block this type of tracking, but another big window into your browsing habits remains. Your broadband provider or someone who has hijacked your internet connection could still see what sites you’re visiting. They might not be able to tell what you’re watching on, say, Pornhub, but they can know that you visited the site.
That’s an obvious problem for people who live under authoritarian regimes. But there are other reasons to worry. Many broadband providers in the US are also media and advertising companies. Verizon, for example, has an extensive digital advertising operation thanks to acquisitions of AOL and Yahoo. It’s perfectly legal for carriers to their customers’ internet history to target advertising.
For the past two years, the Internet Engineering Task Force, which sets standards for the web, has been working on a new protocol for the internet’s address book—the domain name system, or DNS—that would make it harder to spy on what pages you visit. The standard isn’t finalized, but the security company Cloudflare appears to be launching a service called “126.96.36.199 that supports the new protocol. A test version of the Firefox web browser implements the protocol, but Cloudflare’s service is not enabled by default.1
The 188.8.131.52 website was publicly available Thursday, drawing links and comments on Hacker News. The 184.108.40.206 site was offline by mid-day Friday. But a cached version of another Cloudflare page with the same content was still visible at Archive.org.2 Cloudflare declined to comment.
The reason it’s so easy for prying eyes to see what websites you’re visiting has to do with the design of DNS. Whenever you visit a website using its domain name, like “wired.com,” software on your phone or computer looks up the domain using what’s called a DNS resolver. The DNS resolver, typically run by your broadband provider, translates the domain name into a number called an IP address that your device can use to actually find the site you’re looking for.
Communication between your device and the DNS resolver typically is unencrypted. You can get around this by using a service called a virtual private network, or VPN, which routes all your traffic through a single connection, essentially making it appear that you only visit one site. But an incorrectly configured VPN could still “leak” DNS information.
The new “DNS over HTTPS” protocol would fix that by encrypting communication between devices and DNS resolvers much the same way web traffic is encrypted today. The operator of a DNS resolver would still be able to see what sites you’re visiting, but it would be much harder for outside parties to intercept that data. A similar protocol called DNSCrypt works with Cisco’s DNS resolver OpenDNS, but hasn’t been widely adopted.
The idea behind Cloudflare’s service is that instead of using the DNS service offered by your broadband provider, you would go into your operating system’s preferences and point to 220.127.116.11. You can do this today, but because most operating systems don’t support DNS over HTTPS, your DNS queries generally won’t be encrypted unless you’re using software that supports the standard, such as the test version of Firefox.
Cloudflare would still have access to your browsing history if you use its DNS resolver, and not everyone is happy about that idea. “Cloudflare is a third party that some of us don’t necessarily want to trust with our browsing history,” one user wrote in response, when Mozilla, the maker of Firefox, revealed its initial plan to test the service.
“This experiment is testing a feature that could add valuable privacy and security protections for our users,” Mozilla director of trust and security Marshall Erwin responded in the same forum thread. Selena Deckelmann, an engineering director at Mozilla, updated the thread on Friday saying the test that would have used Cloudflare’s DNS resolver by default has been put on hold.3
Cloudflare isn’t the only company working on a domain resolver that supports the new encryption standard. Google’s Public DNS service is also experimenting with DNS over HTTPS. Google says its DNS resolver doesn’t retain users’ personal information. But unlike Google or many broadband providers, Cloudflare isn’t an advertising company. The material from the 18.104.22.168 site that was briefly available argued that Cloudflare, which makes money selling services designed to speed up websites and protect them from attacks, doesn’t want to use customers data.
The 22.214.171.124 website material that was briefly available promised that the company will never sell users’ browsing history or use it to target ads, and it promises not to log personally identifying information and to submit to audits to ensure it lives up to its promises.
1CORRECTION, March 30, 9:35 pm ET: The Cloudflare service is not enabled by default in any version of Firefox. An earlier version of this article may have suggested that it was enabled by default.
2UPDATE, March 30, 9:35 pm ET: Information about the cached page available at Archive.org has been added to this article.
3UPDATE, March 30, 9:35 pm ET: This line has been updated to reflect Mozilla’s decision to postpone a test of the the Cloudflare service.