Macbook Air M1Source: Daniel Bader / iMore

What you need to know

  • Engineers from Apple and Cloudflare say they have patched one of the biggest holes in internet privacy.

Engineers from Apple and Cloudflare claim they have patched one of the biggest holes in internet privacy, thanks to a new protocol called Oblivious DNS-over-HTTPS.

As reported by TechCrunch:

Engineers at Cloudflare and Apple say they've developed a new internet protocol that will shore up one of the biggest holes in internet privacy that many don't know even exists. Dubbed Oblivious DNS-over-HTTPS, or ODoH for short, the new protocol makes it far more difficult for internet providers to know which websites you visit.

From TechCrunch's explainer:

Every time you go to visit a website, your browser uses a DNS resolver to convert web addresses to machine-readable IP addresses to locate where a web page is located on the internet. But this process is not encrypted, meaning that every time you load a website the DNS query is sent in the clear. That means the DNS resolver — which might be your internet provider unless you've changed it — knows which websites you visit. That's not great for your privacy, especially since your internet provider can also sell your browsing history to advertisers.

The new protocol will add a layer of encryption to a DNS query before sending it through a proxy server, a third-party between a user and the website they are trying to visit. The encryption means the proxy can't see the request but will shield the query from the resolver. Cloudflare head of research Nick Sullivan said it was designed to "separate the information about who is making the query and what the query is."

Thankfully, the new protocol doesn't seem to impact website load times. A big breakthrough, it may be a while before this tech hits the mainstream, TechCrunch noting it could take months or even years before the protocol is added to browsers and operating systems. A big breakthrough nonetheless.