Surf the internet slightly more privately

Browsers started supporting Encrypted DNS few years back, but encryption in ClientHello was missing in TLS that was leaking the domain name you were visiting in plaintext to anyone who can see raw bytes flowing during TLS Handshake.

Now things have changed many websites and browsers have started supporting ECH(Encrypted ClientHello). https://blog.cloudflare.com/announcing-encrypted-client-hello/

How to enable it on Chrome?

# Enable Secure DNS

Open

chrome://settings/security

and toggle Use secure DNS as shown in image below and select your preferred Secure DNS provider

#Enable ECH

Open

chrome://flags/

in address bar, and Search for Encrypted Client Hello

Set it to Enabled and click Relaunch button at bottom of screen

# Verification

Test1 — Visit https://crypto.cloudflare.com/cdn-cgi/trace and verify

sni=encrypted

is present.

Test 2 — Visit https://www.cloudflare.com/ssl/encrypted-sni/ and click Check My Browser