From Newsgroup: comp.security.misc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
WWDC Apple this year will boldly go where its peers have gone before by implementing support for encrypted DNS in iOS and macOS.
"Starting this year, Apple platforms natively support encrypted DNS,"
said Tommy Pauly, internet technologies engineer, in a video
presentation for Apple's 2020 Worldwide Developer Conference,
virtualized this year by necessity.
More specifically, macOS 11, iOS 14, and Mac Catalyst framework 14 (for
Mac version of iPad apps) will support DNS-over-TLS (DoT) and
DNS-over-HTTPS (DoH). These Apple operating system updates are scheduled
for release later this year, likely in September or October.
When you visit a website with a browser, or connect to a service via an
app, the software will, typically, in the background send domain-name
system (DNS) queries to DNS servers, such as ones provided by your ISP,
to translate domain names, like theregister.com, into network IP
addresses the programs can use. These queries are typically sent
unencrypted, meaning eavesdroppers on the network path can snoop on the
names of sites and services you're using, and modify the query results
to redirect you to malicious websites.
Encrypted DNS, as its name suggests, encrypts those queries to shield
them from snoops and meddlers.
DoT started taking shape in 2014. A proposal to establish DoH as a
standard was drafted in 2017. And a year later, a research paper
presented at a Usenix conference underscored the need for better
security when it reported that about 8.5 per cent of DNS queries were intercepted by service providers.
Around that time, with standards in place, internet companies got
serious about encrypting DNS queries, and people had arguments about how
DoH disempowers network administrators and let people flout filters put
in place to protect them from smut and illegal content.
Cloudflare began supporting DNS-over-TLS and DNS-over-HTTPS queries in
2018 with the launch of its 1.1.1.1 DNS service. Mozilla began rolling
out DoH support last year.
Google began testing DoH last year and just implemented it in Chrome 83 recently. Microsoft talked about secure DNS last year and is now testing
it for Windows. Even Comcast joined the party this week with Firefox.
Which brings us back to Apple.
Full story:
https://www.theregister.com/2020/06/27/apple_dns_macos_ios/ -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEERD1MOZjGRQLqpSYmj4/UTHxzPQUFAl75AzYACgkQj4/UTHxz PQU/6A//Th9or4qenAJnVsNxhkrkGLEeKJmy2TjnfiL5j/NPgvCFWwcXHz/Li13W TKZogRInO70z9Dzwe11NytHV73sc7z4ktmykcQe1+lVgK0d9+4OLVMNUDN+EdoyO dE8jM0B5DZQMUJe56cuuTmAtp3gUCEF5hDBR2vZ9z8DqX7t2CkYAEmKM3Faso05F OLlISIr8IpvrlPpNlWqLClp6eccRw5ipFNLSG+mn8Xt4VNAD/u928X3WdM+WiYkv v1Sy/n1O4af79UIq/Cio/T1YBn2zULolikqUjDMPuy3LU0J6KFwlhB5sK894ry9u nF50azlEzk48lSkBtK4608BPRtOgIfybKLllFXFN5lLSPhjdAuZBSQLID+QNl76h kyR7U0ZjIZl1xit87ccZWqwcVF5DNHqnS572vUQsgCjyf8vYfYu9BZPQ0tRsB9Eb v5hu49EMG85oz+AsYnPmc3UhfiweWmY+fY0pc3W8rDHgKdvKIAYmWhxHTzpg2Y3l itc4G9IFc2XrAVBeJingxsnLx9Xowj6Q8GOR10AS+O2vhrhj3D8VG61mGsz0hd5c lw7O8Gm9ukFqiltKX2lQ63iW2lDLGKSfrGyo7fCol+/CWMJNiCzfXC+XYUivtb4X 2A2qwiKsWTSSiKkcKiG5Hg6MTj0q+ZCThNhwoSnEuEx/IqmhWhM=
=+u86
-----END PGP SIGNATURE-----
--- Synchronet 3.18a-Linux NewsLink 1.113