Если вам есть, что сказать сообществу профессионалов ИБ и ИТ – заведите здесь свой блог

Firefox Enables DNS over HTTPS

Аватар пользователя schneier
Автор: Шнайер Брюс,
(0)
()
Об авторе: 
Американский криптограф, доктор в области компьютерных наук и популярный автор книг по ИБ. Основатель криптографической компании Counterpane Internet Security. Ранее работал на Министерство обороны США.

This is good news:

Whenever you visit a website -- even if it's HTTPS enabled -- the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS, or DoH, encrypts the request so that it can't be intercepted or hijacked in order to send a user to a malicious site.

[...]

But the move is not without controversy. Last year, an internet industry group branded Mozilla an "internet villain" for pressing ahead the security feature. The trade group claimed it would make it harder to spot terrorist materials and child abuse imagery. But even some in the security community are split, amid warnings that it could make incident response and malware detection more difficult.

The move to enable DoH by default will no doubt face resistance, but browser makers have argued it's not a technology that browser makers have shied away from. Firefox became the first browser to implement DoH -- with others, like Chrome, Edge, and Opera -- quickly following suit.

I think DoH is a great idea, and long overdue.

Slashdot thread. Tech details here. And here's a good summary of the criticisms.

 
Комментарии в Facebook
 

Вы сообщаете об ошибке в следующем тексте:
Нажмите кнопку «Сообщить об ошибке», чтобы отправить сообщение. Вы также можете добавить комментарий.