Microsoft tests built-in DNS over HTTPS for Windows 10 client

Users can activate the service to encrypt internet traffic from all apps and services at source

Windows Insiders have been given the chance to test a DNS-over-HTTPS (DoH) protocol hardwired into Windows 10 that can be activated to encrypt their web traffic.

Users with access to the latest Windows 10 preview build can turn on the service through the Registry Editor and choose from a host of Windows IP addresses as a DNS server. The system then communicates with the chosen server and traffic from apps and services will flow through DoH instead of classic DNS over port 53.

Advertisement - Article continues below

The technology, a replacement for the decades-old domain name service (DNS) protocol, has been growing in popularity in recent years, with prominent browsers such as Mozilla’s Firefox leading the charge.

When activated on Windows 10, it’ll effectively mask all users’ web activity in such a way that individuals will be safeguarded against interception from third parties, including from Internet Service Providers (ISPs).

Existing domain name service (DNS) technology is decades-old and highly insecure, leaving connections open to interception by third parties and to man-in-the-middle attacks. This is effectively how ISPs monitor customers’ web browsing and enforce web filters.

DoH, on the other hand, encrypts all web traffic from the source, limiting the prospect for others to manipulate or redirect web traffic when DNS requests are resolved.

Advertisement
Advertisement - Article continues below

Microsoft began working on an in-built DoH service for Windows 10 in November last year, hoping to phase out the use of DNS technology given it’s one of the last remaining plain-text domain name transmissions in web traffic.

Advertisement - Article continues below

ISPs deride the technology because it prevents them from monitoring web users’ traffic to ensure customers aren’t accessing copyrighted, extremist or illegal content. Web filters, moreover, would be utterly disabled by the widespread implementation of DoH.

These organisations are obliged to filter content and implement parental controls as stipulated by the Digital Economy Act 2017. The legislation included a provision for websites hosting adult content to implement age verification checks, but the measures were continuously delayed due to technical and practical difficulties, and eventually abandoned altogether in October 2019.

The government, meanwhile, is in the process of trying to understand the implications of DoH and how it relates to UK law. As of last May, the Department for Digital, Culture, Media and Sport (DCMS) was working with the National Cyber Security Centre (NCSC) according to the parliamentary under-secretary of state for DCMS, Lord Ashton of Hyde.

“This involves liaising across government and engaging with industry at all levels, operators, internet service providers, browser providers and pan-industry organisations to understand rollout options and influence the way ahead,” he said, speaking in the House of Lords

Advertisement - Article continues below

“The rollout of DoH is a complex commercial and technical issue revolving around the global nature of the internet.”

The lack of legal clarity has been the source of frustration for some in the industry. For example, Nominet’s CEO Russell Haworth has previously suggested that DoH could be a real technological improvement but must be implemented carefully and with the full involvement of the government and law enforcement.

ISPA had previously branded Mozilla an “internet villain” for plans to roll out DoH in its Firefox web browser in July 2019. The nomination was met with ridicule at the time, with Open Rights Group (ORG) executive director Jim Killock telling IT Pro it’s “a bit like saying peanut butter is evil”.

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement
Advertisement

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
UN report points to a 350% rise in phishing websites at start of 2020
phishing

UN report points to a 350% rise in phishing websites at start of 2020

7 Aug 2020