Sunday, June 7, 03:55
Home security DoH creates more problems than fixes!

DoH creates more problems than fixes!

In recent months there has been a theory that the protocol DNS-over-HTTPS (DoH) is the epitome of privacy protection. But in reality it is not.

According to experts at cybersecurity, the DNS-over-HTTPS protocol causes more problems than it fixes and should not be promoted for any reason as a method of privacy. Instead, people should focus more on implementing better DNS traffic encryption, such as DNS-over-TLS.

DoH

DNS-over-HTTPS was created a few years ago and was proposed as an Internet standard last October (IETF RFC8484). It is already supported by Android and is scheduled to be released on both Mozilla Firefox as well as in Google Chrome.

DoH encrypts DNS queries, which are like normal HTTPS data traffic. These DoH queries are sent to dedicated DoH-resolved DNS servers — called DoH resolvers. They resolve the DNS query within a DoH request and respond to the user also in an encrypted manner.

This is why organizations that have DoH-enabled products advertise them as a way to prevent ISPs from tracking users' internet traffic and as a way to circumvent censorship in oppressive countries.

On the other hand, experts say that these Companies irresponsibly promoting an unfinished protocol that doesn't really protect users and causes more problems than it fixes, especially in the business sector.

DoH does not actually prevent ISP users from being identified.

DNS is not the only protocol involved in web browsing. There are still many other data points that service providers could track to find out where a user is going. Anyone who says that DoH is blocking ISPs from tracking users is to some extent a lie.

The DoH goes beyond business policies.

For businesses, DoH has been a nightmare ever since it was proposed. DoH creates a mechanism to replace DNS hosts and allows employees to use DoH to bypass any traffic filtering solutions based on DNS.

DoH

DNS-over-HTTPS weakens it cybersecurity.

Experts argue that when it protocol DNS is encrypted, an organization can no longer use DNS query data to find out if a user is trying to access a known malware domain, let alone block it. The advice is for companies to consider alternative methods of blocking outbound traffic, solutions that are not just based on DNS data.

The DoH helps criminals.

What is important about DoH is that it helps users bypass online censorship. The problem is that DNS-over-HTTPS also bypasses DNS-based blocklists that have been implemented for legitimate reasons, such as those against access to websites child abuse, terrorism content, and sites with stolen copyrighted material.

The general idea is that DNS-over-HTTPS is not what many people think. In fact, it does not protect users from spying. Businesses should invest in new ways of tracking and filtering data traffic, as the era of DNS-based systems seems to be ending. Such systems they already exist, but they are expensive and this is the main reason why many companies rely on DNS systems so far.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

SecNews
SecNewshttps://www.secnews.gr
In a world without fences and walls, who needs Gates and Windows

LIVE NEWS

Lyrics from AI technology or from people: Can you tell them apart?

While a large percentage of people can recognize when they are talking on a chatbot instead of a human operator, it seems that this is not the case ...

Technology and children: When are they ready for safe use?

Today's children and teens use various messaging apps and social media to ...

Call of Duty Black Ops Cold War: The first video leaked

The first video from the gameplay of Call of Duty 2020, which is rumored to be called Black Ops Cold War, has just been revealed.

Elon Musk: "It's time to break up Amazon"

Elon Musk intensifies the fight with Jeff Bezos with a new tweet: The General Manager of Tesla Inc., Elon Musk, said ...

Attack on America's 5G towers on Saturday!

Protests over 5G connectivity are scheduled to take place over the weekend, according to NATE. According to a recommendation that was identified ...

Windows 10 Updates: You can block them with Wu10Man!

Microsoft launched the Windows 10 update in May 2020, so it will be available on your computer soon ....

ECh0raix Ransomware: New campaign targets QNAP NAS devices!

Malicious agents behind eCh0raix Ransomware have launched a new campaign targeting QNAP NAS devices. ECh0raix was observed ...

Mac: How to change the storage location of your screenshots?

When you take screenshots on your Mac device using the Shift-Command-3 shortcut to take a screenshot of the entire computer screen or Shift-Command-4 ...

Malware USBCulprit: Aims devices that are not connected to a network

Did you think that devices without any connection to a local or other network (air-gapped devices) are safe? Think again! The USBCulprit malware that ...

Free Microsoft Teams: You can finally create meetings!

Users of the free version of Microsoft Teams can now create video meetings. The change, identified by ...