Google Follows Firefox Lead With Chrome DoH Test

Google is to follow the lead announced by Mozilla and its Firefox browser, when it confirmed it will test DNS-over-HTTPS (DoH) in Chrome 78.

Google said the “experiment” as the search engine giant seeks “to improve our users’ privacy, security, and safety.”

Mozilla had earlier this week confirmed plans to switch on by default DoH for Firefox desktop users in the United States. DNS-over-HTTPS will automatically encrypt website requests, in an effort to strengthen the surfing habits and privacy of its users.

DNS-over-HTTPS

Now Google has confirmed in a blog post that it will experiment with the technology in Chrome 78.

“As part of our long standing commitment to making the web safer to use, we will be conducting an experiment to validate our implementation of DNS-over-HTTPS (aka DoH) in Chrome 78,” wrote Kenji Baheux, Chrome product manager. “As the name implies, the idea is to bring the key security and privacy benefits of HTTPS to DNS, which is how your browser is able to determine which server is hosting a given website.”

Essentially, DoH makes a browser send a Domain Name System (DNS) request over the encrypted version of the HTTP protocol.

DNS is the tech that makes Silicon UK for example readable for computers, by turning it into an IP address. Computers normally send DNS requests in the clear, which leaves them vulnerable to man-in-the-middle attacks so the attackers can see what websites are being visited or change the DNS request to redirect the user to a malicious website.

But Google said that this experiment will not impact any parental controls that are in place and will not override the user’s choice of DNS provider.

“This experiment will be done in collaboration with DNS providers who already support DoH, with the goal of improving our mutual users’ security and privacy by upgrading them to the DoH version of their current DNS service,” wrote Baheux. “With our approach, the DNS service used will not change, only the protocol will. As a result, existing content controls of your current DNS provider, including any existing protections for children, will remain active.”

DNS pledge

“More concretely, the experiment in Chrome 78 will check if the user’s current DNS provider is among a list of DoH-compatible providers, and upgrade to the equivalent DoH service from the same provider,” wrote Baheux. “If the DNS provider isn’t in the list, Chrome will continue to operate as it does today.”

“This experiment is the humble first step of a long collaborative journey to improve our users’ privacy, security, and safety,” he concluded. “We can’t wait to see how DoH performs in the wild, and welcome your feedback!”

It was reported in April that Google was planning to rollout a feature in its Chrome browser that makes it easier for users to manage tracking cookies, including limiting them.

The move would be a major step for Google, which is itself the dominant player in online advertising.

Quiz: What do you know about Google?

Tom Jowitt @TJowitt

Tom Jowitt is a leading British tech freelance and long standing contributor to TechWeek Europe

Recent Posts

Trend Micro Buys Cloud Security Specialist For £54m

Cloud Conformity acquisition aimed at helping customers guard against misconfigured public cloud accounts, beginning with Amazon Web Services

9 hours ago

Smart Speakers Hacked To Listen In, Steal Passwords

Malicious third-party apps for Google Home and Amazon's Alexa can listen in on conversations and trick users into revealing passwords

10 hours ago

Facebook Considers Alternative Approaches To Libra

Project could use multiple coins pegged to national currencies rather than a single synthetic cryptocurrency, Facebook says, as regulatory pressure…

12 hours ago

EU Data Regulator Finds ‘Serious Concerns’ Over Microsoft Contracts

Microsoft's contracts with EU agencies found to have 'significant scope for improvement' where it comes to protecting citizens' data

12 hours ago

Dell Boomi: Building Agile Integrated Data Ecosystems

Dell Boomi focuses on helping businesses including Sky, Dropbox and LinkedIn make sense of their mismatched IT applications and infrastructure,…

13 hours ago

Russian Cyber-Spies ‘Hijacked Iranian Attack Infrastructure’

Turla hacking group carried out at least 20 successful cyber-raids around the world using Iranian attack tools, NCSC says

13 hours ago