DNS over HTTPS: a small how-to on your macOS

--

Today, while I was on my way to work, I was listening to the great podcast Security Now.

They were talking about DNS over HTTPS and how this was pissing off the government in the UK, as they were not able to filter/monitor the DNS requests of their users anymore. To the point that they named Firefox as one of the villains of the internet for this year. Yeah, this seriously happened. (https://itsfoss.com/mozilla-internet-villain/)

I got really curious and I wanted to know how this feature works and if I can use it before Chrome starts supporting it. Firefox does support the feature, but I was thinking of ways to use this system-wide. Apparently there is already a solution for this.

I fired up Wireshark to test whether this was all going to work or not, and I started to monitor with the ‘dns’ filter.

After configuring the service on my macOS using this plist file:

https://pastebin.com/qXQRif7F

I could see ZERO DNS requests on the typical UDP port 53. Which is actually SUPER cool :D It’s really exciting that this technology exists now.
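The same check can be scripted. The following is an added example, not part of the original post or of dnscrypt-proxy: it reads a capture saved from Wireshark in classic pcap format and lists any plaintext port-53 packets that leave the machine. It assumes a little-endian Ethernet capture and ignores loopback traffic, because dnscrypt-proxy's default listener is 127.0.0.1:53; the function names and the sample addresses are constructed.

```python
import ipaddress
import struct

def build_packet(src, dst, proto, sport, dport):
    """Build a minimal Ethernet/IPv4 frame with a UDP or TCP header (constructed test data)."""
    l4 = struct.pack("!HH", sport, dport) + (b"\0" * 4 if proto == 17 else b"\0" * 16)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return b"\0" * 12 + b"\x08\x00" + ip + l4

def build_pcap(packets):
    """Wrap frames in a classic little-endian pcap file (linktype 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for p in packets:
        out += struct.pack("<IIII", 0, 0, len(p), len(p)) + p
    return out

def plaintext_dns(pcap):
    """Return (src, dst, proto, dport) for port-53 packets that are not loopback-only."""
    magic, _, _, _, _, _, linktype = struct.unpack_from("<IHHiIII", pcap, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected a little-endian Ethernet pcap")
    hits, off = [], 24
    while off + 16 <= len(pcap):
        _, _, caplen, _ = struct.unpack_from("<IIII", pcap, off)
        frame = pcap[off + 16: off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # not IPv4
        ihl = (frame[14] & 0x0F) * 4
        proto = frame[23]
        if proto not in (6, 17) or len(frame) < 14 + ihl + 4:
            continue  # neither TCP nor UDP
        src = ipaddress.IPv4Address(frame[26:30])
        dst = ipaddress.IPv4Address(frame[30:34])
        sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
        if 53 in (sport, dport) and not (src.is_loopback and dst.is_loopback):
            hits.append((str(src), str(dst), "udp" if proto == 17 else "tcp", dport))
    return hits

# Constructed sample: one leaked query, one HTTPS (DoH) packet, one local stub query.
SAMPLE = build_pcap([
    build_packet("192.168.1.10", "192.0.2.53", 17, 50000, 53),
    build_packet("192.168.1.10", "192.0.2.1", 6, 50001, 443),
    build_packet("127.0.0.1", "127.0.0.1", 17, 50002, 53),
])

if __name__ == "__main__":
    print(plaintext_dns(SAMPLE))
```

An empty result on a real capture matches the "ZERO DNS requests" observation; any entry is a query that bypassed the proxy.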

Using HTTPS to secure DNS is really cool: a really old, vulnerable technology is now made secure and easy to use for the normal user. I have been using Tor and other solutions to secure myself when it is needed, but I am not using it all the time, for all of the obvious reasons. But this, this is seriously really really cool. Kudos to Firefox and to the guys who implemented this piece of software. Please check the link for the binaries and sources: https://github.com/jedisct1/dnscrypt-proxy

Try it out, set it up! Change your config a bit! There are a lot of cool features. Create a service or a Docker container and surf a bit more securely today :D!

--