Sign In

Communications of the ACM

ACM Opinion

A Controversial Plan to Encrypt More of the Internet


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Internet encryption, illustration

A new movement to encrypt a fundamental Internet mechanism, promoted by browser heavyweights like Google Chrome and Mozilla's Firefox, has sparked a heated controversy.

The changes center around the Domain Name System. Google and Mozilla plan to encrypt DNS lookups sometime this year. Not everyone is convinced that the shift solves more problems than it potentially creates.

Since DNS requests are unencrypted, bad actors can manipulate them to strategically send a user to the wrong website. It's like listing an address under someone else's name, and getting all their packages delivered to your door. This type of attack, known as DNS hijacking, has been on the rise. In January, the U.S. Department of Homeland Security issued an emergency directive about the threat.

Which explains the push for encrypted DNS: It would make those types of surveillance and misdirection much harder.

Adding a layer of encryption to DNS requires some systemic rejiggering. Secure DNS protocols rely on intermediaries called "resolvers." Mozilla has piloted its encrypted DNS with the Internet infrastructure company Cloudflare acting as the main resolver.

That centralization of DNS requests worries detractors.

From Wired
View Full Article


 

No entries found