In iOS 14 and macOS, Big Sur Apple will add support for encrypted DNS connections

IOS 14, iPadOS 14 or macOS Big Sur have received many innovations designed for security, one more will be the arrival of DNS support over HTTPS or TLS. Thanks to this support, developers will be able to create applications that use this type of connection and thus secure our browsing history.

DoT and DoH, privacy comes to DNS queries

Before continuing with the article, let’s take a very brief look at what DNS is. A The domain name server is a kind of « program » where we can check IP addresses. different areas. In other words, if we want to visit, we need to know that the address of the machine where it is located is, this is the address we are asking from the DNS server.

This consultation, in general, is done in an unencrypted way, so the telephone operators or anyone in our network can intercept the traffic and know which direction we are asking. From there, knowing which pages we visited is really simple.

Given the situation, a system has been developed to perform DNS queries within the TLS (DoT) layer or over HTTPS (DoH), in short, in encrypted form. The advantage is that no one except the DNS server will know the content of the query’s question / answer. And this advantage is the one that reaches all Apple platforms with the new versions of the operating system.

Apple a incorporating the system for DoH and DoT into frameworks that developers can then use to create your applications. Thanks to this new feature, applications will be able to update their applications or create new ones using these new options. As Tommy Pauly, an Internet technology engineer at Apple, explained, there are two ways to implement DNS encryption:

The first is to use a single encrypted DNS server for all the applications in the system. If you provide a public DNS server You can now create a network extension application that configures the system to use your server. Or, if you use MDM to configure corporate settings on devices, you can configure a profile to configure encrypted DNS settings for your networks.

The second way to enable encrypted DNS is directly from an app. If you want your app to use encrypted DNS, even if the rest of the system is not yet encrypted, you can select a specific server to use for some or all of your app’s connections.

New Mac Ransomware Appears in Hacked Applications

Obviously, Apple has invested a lot of time and dedication to make its operating systems even more secure. These are changes that can probably go unnoticed, but, while they are, they are still there, improving our privacy and security.