Microsoft tests built-in DNS over HTTPS for Windows 10 client

Users can activate the service to encrypt internet traffic from all apps and services at source

Windows Insiders have been given the chance to test a DNS-over-HTTPS (DoH) protocol hardwired into Windows 10 that can be activated to encrypt their web traffic.

Users with access to the latest Windows 10 preview build can turn on the service through the Registry Editor and choose from a host of Windows IP addresses as a DNS server. The system then communicates with the chosen server and traffic from apps and services will flow through DoH instead of classic DNS over port 53.

Advertisement - Article continues below

The technology, a replacement for the decades-old domain name service (DNS) protocol, has been growing in popularity in recent years, with prominent browsers such as Mozilla’s Firefox leading the charge.

When activated on Windows 10, it’ll effectively mask all users’ web activity in such a way that individuals will be safeguarded against interception from third parties, including from Internet Service Providers (ISPs).

Existing domain name service (DNS) technology is decades-old and highly insecure, leaving connections open to interception by third parties and to man-in-the-middle attacks. This is effectively how ISPs monitor customers’ web browsing and enforce web filters.

DoH, on the other hand, encrypts all web traffic from the source, limiting the prospect for others to manipulate or redirect web traffic when DNS requests are resolved.

Advertisement - Article continues below

Microsoft began working on an in-built DoH service for Windows 10 in November last year, hoping to phase out the use of DNS technology given it’s one of the last remaining plain-text domain name transmissions in web traffic.

Advertisement - Article continues below

ISPs deride the technology because it prevents them from monitoring web users’ traffic to ensure customers aren’t accessing copyrighted, extremist or illegal content. Web filters, moreover, would be utterly disabled by the widespread implementation of DoH.

These organisations are obliged to filter content and implement parental controls as stipulated by the Digital Economy Act 2017. The legislation included a provision for websites hosting adult content to implement age verification checks, but the measures were continuously delayed due to technical and practical difficulties, and eventually abandoned altogether in October 2019.

The government, meanwhile, is in the process of trying to understand the implications of DoH and how it relates to UK law. As of last May, the Department for Digital, Culture, Media and Sport (DCMS) was working with the National Cyber Security Centre (NCSC) according to the parliamentary under-secretary of state for DCMS, Lord Ashton of Hyde.

“This involves liaising across government and engaging with industry at all levels, operators, internet service providers, browser providers and pan-industry organisations to understand rollout options and influence the way ahead,” he said, speaking in the House of Lords

Advertisement - Article continues below

“The rollout of DoH is a complex commercial and technical issue revolving around the global nature of the internet.”

The lack of legal clarity has been the source of frustration for some in the industry. For example, Nominet’s CEO Russell Haworth has previously suggested that DoH could be a real technological improvement but must be implemented carefully and with the full involvement of the government and law enforcement.

ISPA had previously branded Mozilla an “internet villain” for plans to roll out DoH in its Firefox web browser in July 2019. The nomination was met with ridicule at the time, with Open Rights Group (ORG) executive director Jim Killock telling IT Pro it’s “a bit like saying peanut butter is evil”.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now

Most Popular


The top ten password-cracking techniques used by hackers

5 May 2020

Nokia breaks 5G record with speeds nearing 5Gbps

20 May 2020
cloud computing

Microsoft launches public cloud service for health care

21 May 2020