The economy of surveillance capitalism and a world of paranoid apps will transform the Domain Name System (DNS), said Geoff Huston, chief scientist at APNIC Labs, part of the Asia Pacific Network Information Center.
Knowing the domain names of websites you visit or servers that applications access on your behalf is valuable information. DNS traffic is especially valuable because it reflects what users are doing in real time.
“The names you asked for, and when you ask for them, say a lot about you,” Huston said during his presentation at APNIC 52 on Wednesday.
“The network is betraying you. You leave big dirty, muddy footprints on the carpet, mate. We can see where you’re going. And that’s the problem,” he said.
“Real-time data, here, now. Not last week, not last month. This second. You couldn’t be more valuable.”
Others with more noble motives also monitor DNS traffic, looking for tell-tale signs of malicious activity, such as the rapidly evolving domain names used by botnets.
And as Edward Snowden revealed in 2013, the Five Eyes signals intelligence agencies are also eager to suck up all that DNS traffic.
“All kinds of people are actually broadcasting DNS information everywhere,” Huston said.
“The problem is, it doesn’t matter what motivates you, good or bad. Sniffing is sniffing. A breach of privacy is an invasion of privacy, no matter what color of hat you wear. It’s not good.”
Graft confidentiality onto decades-old protocols
The main DNS protocols date back to the 1980s and are based on a domain name structure that was developed in the 1970s. Everything takes place in the open, unencrypted.
“How do we keep people from crowding around the digital tailpipe to sniff these fumes?” Huston asked.
There are methods to prevent third parties from spying on your DNS traffic, but they have not been widely adopted.
One way to make DNS monitoring harder is to use an open public DNS resolver, such as those run by Google, Cloudflare, OpenDNS, or Quad9, rather than your local ISP’s servers, since ISPs are notorious for selling their DNS logs to advertisers.
This can be combined with using an encrypted DNS connection, such as DNS over TLS, DNS over HTTPS (DoH), or DNS over the lighter QUIC protocol.
If you do that, you are doing a “pretty good job” of hiding in a crowd, Huston said.
“But this first part of the market? I have to trust Google. Yes, it’s true. I have to trust people who are experts in developing my profile.”
In other words: if we have to compromise our privacy with a third party, which third party poses the least risk to us, now and in the future? It is a difficult choice.
But wait. Maybe we don’t have to compromise our privacy at all.
Enter Oblivious DNS, a cryptographically private DNS namespace
One innovative solution is Oblivious DNS (ODNS), first written up as a draft engineering standard in 2018 and as a formal paper [PDF] in 2019.
“The concept is delightfully simple,” Huston wrote in 2020, although some may dispute his use of the word “simple” once they read his explanation.
ODNS uses a chain of DNS servers interacting through a pipeline of encrypted transactions. The details will be fascinating to DNS aficionados, but the overall strategy is easy to explain.
The DNS server near you knows who you are, so it can return the answer to you, but not what your request was because it is encrypted.
The DNS server on the other end knows which DNS query it needs to resolve because you used that server’s public key to encrypt the transaction, but not who requested it.
A similar approach called Oblivious DoH (ODoH), described in a draft standard in 2020, wraps the entire DNS transaction in an encrypted envelope.
The good thing about ODoH is that it doesn’t try to put everything in the existing DNS packet format, which means it can be slightly more elegant. The downside is that it requires an infrastructure separate from the existing DNS.
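The two-server split described above (the near resolver learns who asked but not what, the far resolver learns what but not who) as a self-contained walk-through. This is an added illustration, not code from ODNS, ODoH or APNIC: the cipher is a toy HMAC-SHA256 counter-mode stream standing in for the real HPKE-based encryption, and the pre-shared session key stands in for the per-query key the real protocol wraps under the target’s public key.

```python
import hashlib
import hmac
import secrets

# Toy cipher: HMAC-SHA256 in counter mode XORed over the message. It stands in
# for the HPKE-based encryption of the real protocols and is NOT production crypto.
def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hmac.new(key, nonce + off.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], block))
    return bytes(out)

class TargetResolver:
    """Far-end resolver: holds the key and the answers, never sees the client."""
    def __init__(self, key: bytes, zone: dict):
        self.key, self.zone, self.seen = key, zone, []

    def resolve(self, nonce: bytes, blob: bytes) -> bytes:
        name = keystream_xor(self.key, nonce, blob).decode()
        self.seen.append(name)                       # learns the name only
        answer = self.zone.get(name, "NXDOMAIN")
        return keystream_xor(self.key, nonce + b"R", answer.encode())  # distinct keystream

class NearResolver:
    """Resolver near the client: sees who asked, forwards an opaque blob."""
    def __init__(self, target: TargetResolver):
        self.target, self.seen = target, []

    def query(self, client_ip: str, nonce: bytes, blob: bytes) -> bytes:
        self.seen.append((client_ip, blob))          # learns the client only
        return self.target.resolve(nonce, blob)

def client_lookup(client_ip: str, name: str, key: bytes, near: NearResolver) -> str:
    """Stub resolver: encrypt the name for the target, send it via the near resolver."""
    nonce = secrets.token_bytes(12)
    blob = keystream_xor(key, nonce, name.encode())
    reply = near.query(client_ip, nonce, blob)
    return keystream_xor(key, nonce + b"R", reply).decode()

def demo():
    # Constructed data (documentation IP ranges). The session key stands in for
    # the per-query key that the real protocol wraps under the target's public key.
    key = secrets.token_bytes(32)
    target = TargetResolver(key, {"example.com.": "192.0.2.10"})
    near = NearResolver(target)
    answer = client_lookup("198.51.100.7", "example.com.", key, near)
    return answer, near.seen, target.seen
```

Inspecting `near.seen` and `target.seen` after `demo()` shows the property the article describes: the near resolver’s log holds the client address and an opaque blob, the target’s log holds the name and no address.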
But why would anyone pay for all of this?
Huston’s future of bloated and paranoid apps
“In economic terms, DNS is a wasteland,” Huston told APNIC 52.
“I don’t pay for requests, you don’t pay for requests. Who is funding all of this? Well, my ISP is funding a lot of it. And it sort of comes from what I pay them,” he said.
This means that there is no incentive for ISPs to improve DNS privacy.
“For ISP fees, DNS becomes part of Mr. Cost, it’s not Mr. Income, and so there’s a lot of resistance to growing Mr. Cost up because that’s how you basically kill your business.”
The public servers are there, but who funds them? And how many users will change their DNS settings on their devices anyway?
“In some ways improving DNS is a labor of love. It’s not a job for wealth and profit,” Huston said.
“Most people just use their ISP’s resolver because that’s the one you pay for, and the only person who actually has the obligation to do it for you … So overall, open DNS resolvers aren’t really going to take DNS and run over the hills.”
Huston believes that there is one place where privacy-protecting DNS protocols could take hold, although it might not be to your advantage: inside the apps on your devices.
Facebook’s mobile app, for example, weighs over 200 megabytes because it contains a full operating system, including a full network stack.
“Facebook is paranoid about a number of things. It’s paranoid about the platform spying on it. It’s paranoid about other apps on the same platform spying on the Facebook app,” Huston said.
“Facebook is incredibly valuable. It’s spent a lot of time and money understanding me and creating a profile of me that it can sell to advertisers. The last thing it wants to do is give that information to someone else. It’s their data,” he said.
“Applications that separate from the DNS infrastructure as we know it are an inevitable and short-term future.”
Huston sees this progression as part of larger waves of historical change that have “played out right now before our eyes.”
The Internet has gradually evolved from network-centric services, to platform-centric services, and then to application-centric services.
“DNS is swept by this, and almost every part of DNS changes as soon as DNS is sucked into application space,” he said.
“A single consistent namespace? No, historical garbage. Because the entire namespace then becomes application centric, and different applications will have a different namespace to meet their needs.”