Encrypted DNS

In the early days of the Internet, security was not at the fore front of the designers. It was still a new technology and many parts of the Internet are still not secure. DNS is one of those areas where your search query is sent in plain text even if you are using HTTPS.

There are several projects to encrypt DNS but no standard has been agreed upon and implemented. Securing DNS requires some technical know how and it has some drawbacks of being complicated and is sometimes slower on the network.

DNSPrivacy.Org an advocacy group for DNS security and privacy, lists some of the problems with our current DNS technology:

"Those queries can reveal not only what websites an individual visits but also meta data about other services such as the domains of email contacts or chat services."

"However DNS queries are sent in clear text (using UDP or TCP) which means passive eavesdroppers can observe all the DNS lookups performed."

"Some ISPs log DNS queries at the resolver and share this information with third-parties in ways not known or obvious to end users."