Google is looking to add an encryption protocol to its browser to make it even more efficient to bypass Chrome's blocking of “wrong” sites. It's called DNS over HTTPS (DoH for short) and is growing in popularity. As part of a pilot project, Chrome developers plan to introduce a new tool in the next stable build of the browser, which is expected to be released in October 2019.
How it works
The Google team calls the main idea of the trial implementation of the protocol in the Chrome browser to protect the confidential information of users and improve its security. The operation of the protocol on public Wi-Fi will prevent network users from seeing sites that others are visiting, or, for example, DoH will help prevent hidden redirects to an incorrect IP address.
At the beginning of the experiment, six providers intend to introduce DNS over HTTPS support into their own DNS systems. At the same time, the technology for working with DNS queries will not change. Only the protocol itself will change, in which additional encryption protection will be introduced. As a result, an attempt to block a resource or filter traffic by domain name will only work on platforms without DoH support.
As part of the experiment, the Google team is going to first of all check how effective it is to bypass the blocking of Chrome sites using the DoH protocol and, in addition, to find out its effect on the data transfer rate. The experiment involves all mobile and desktop platforms with support for Chrome, with the exception of Linux and iOS.
If you refuse to use DoH, the browser will revert to normal DNS service settings. This will also happen during an unplanned protocol failure. Chrome developers have provided an option to opt out of experimental use of the new encryption feature. This can be done directly in the browser settings by configuring the appropriate command.
Often, to restrict access to resources that have fallen out of favor, supervisory services need the IP address of an unwanted site and a domain name, which is found out through a DNS request. In this case, bypassing Chrome blocks using the DoH protocol will hide the URL of a specific resource, since the DNS request will receive additional encryption.
Another way to restrict access to a specific site - through the IP address - also often happens in practice. In this case, bypassing the Chrome blocking will also work when an IP address is provided for a DNS request, which is additionally protected using the DNS-over-HTTPS protocol.
The Topic of Article: Chrome browser will get additional blocking bypass functionality.