New security feature on Android hides DNS requests

Google recently tested a new feature on Android that encrypts DNS requests and prevents hackers from viewing users' network traffic.

The new feature, called 'DNS over TLS', is a protocol that encrypts DNS traffic, similar to how the TLS protocol secures connections over HTTPS. The goal is to hide the DNS requests that users make. This is important because DNS requests are the Achilles' heel of HTTPS.

When you type a website address into the browser, a query is sent to a DNS server to find the website's IP address. DNS queries are sent as plaintext (over UDP or TCP) without being encrypted.

Even if the traffic itself goes through HTTPS, an attacker can still see the DNS request and infer which site the user is accessing. DNS Security Extensions (DNSSEC) only ensure data integrity, not confidentiality.

New protocol helps secure DNS queries

Last year, the Internet Engineering Task Force (IETF) proposed the 'DNS over TLS' feature. The XDA Developers news site was the first to show two lines of code that confirm this, including 'Add a global setting to disable DNS over TLS' and 'Add a developer option for controlling DNS over TLS'.

It is unclear whether this support has already been added to the Android OS or whether it will be available in the upcoming update, but the presence of an On/Off option in the Developer Options settings shows that Google is serious about testing this feature.

Note that the new feature does not prevent the service provider from knowing which sites users are accessing, because the provider can always see which IP address the user is communicating with.
