Cloudflare Launches New DNS Service

By

New http://1.1.1.1 service will strive for high performance and also protect privacy

Cloudflare, the company that offers protection against DDoS attacks, is now offering a new consumer DNS service. According to the company, the new service will be “the Internet’s fastest, privacy-first consumer DNS service.” 

DNS services provided by ISPs are often slow, and the the public nature of DNS makes it difficult for them to provide privacy for users. Cloudflare has the goal of ensuring privacy and speed at the same time. According to the announcement, the new service will "wipe all logs of DNS queries within 24 hours."

"Unfortunately, by default, DNS is usually slow and insecure. Your ISP, and anyone else listening in on the Internet, can see every site you visit and every app you use — even if their content is encrypted. Creepily, some DNS providers sell data about your Internet activity or use it to target you with ads," says the Cloudflare DNS page.

To ensure privacy, Cloudflare promises "We will never log your IP address (the way other companies identify you). And we’re not just saying that. We’ve retained KPMG to audit our systems annually to ensure that we're doing what we say."

DNS is a 35-year-old protocol that was not designed with security or privacy in mind; it’s also showing its age. "What's needed is a move to a new, modern protocol. There are a couple of different approaches. One is DNS-over-TLS. That takes the existing DNS protocol and adds transport layer encryption. Another is DNS-over-HTTPS. It includes security but also all the modern enhancements like supporting other transport layers (e.g., QUIC) and new technologies like server HTTP/2 Server Push. Both DNS-over-TLS and DNS-over-HTTPS are open standards. And, at launch, we've ensured 1.1.1.1 supports both," wrote Cloudflare in the blog.

To get started with the new service just open https://1.1.1.1/ from your web browser and follow the instructions.

04/09/2018

Related content

  • Lead Image © Sergejus Bertasius, 123RF.com
    Domain name resolution with DNS over HTTPS
    The new DNS over HTTPS standard from the Internet Engineering Task Force is meant to eliminate some of the known vulnerabilities of the Domain Name System.
    more »
  • Photo by Michael D on Unsplash
    Secure and seamless server access
    The powerful Cloudflare Tunnel provides secure and seamless access to servers and applications, making it a convenient alternative to VPN for any modern IT infrastructure.
    more »
  • Photo by saeed karimi on Unsplash
    DNS name resolution with HTTPS
    Now that web content is encrypted by HTTPS, the underlying name resolution is often unprotected. We look at the classic DNS protocol and investigate whether DNS over HTTPS could be the solution to ensure the confidentiality of DNS requests.
    more »
  • Lead Image © Sebastian Duda, 123RF.com
    Infrastructure as Code with Terraform
    Application releases can take place several times a day. Terraform helps you roll out virtual machines automatically in your data center or in the cloud, and you adapt the manual only when it changes.
    more »
  • Lead Image © Leo Blanchette, 123RF.com
    Solving the security problems of encrypted DNS
    DNS encryption offers WiFi users good protection in public spaces; however, in the enterprise, it prevents the evaluation and filtering of name resolution.
    more »
comments powered by Disqus