Google nezvekutanga kwekuiswa kwechikamu (DoH, DNS pamusoro peHTTPS) yevashandisi veChrome 85 vachishandisa Android platform. Iyo modhi ichaitwa zvishoma nezvishoma, ichivhara vashandisi vakawanda uye vakawanda. Kare in Kugonesa DNS-pamusoro-HTTPS yevashandisi vedesktop kwatanga.
DNS-pamusoro-HTTPS inozoitwa otomatiki kune vashandisi vane marongero anotsanangura DNS vanopa vanotsigira tekinoroji iyi (yeDNS-pamusoro-HTTPS mupi mumwe chete unoshandiswa seDNS). Semuyenzaniso, kana mushandisi aine DNS 8.8.8.8 yakataurwa mumasetin'i sisitimu, ipapo Google's DNS-over-HTTPS sevhisi (βhttps://dns.google.com/dns-queryβ) ichaitwa muChrome kana DNS. iri 1.1.1.1 , ipapo DNS-over-HTTPS service Cloudflare ("https://cloudflare-dns.com/dns-query"), nezvimwewo.
Kubvisa matambudziko nekugadzirisa makambani intranet network, DNS-pamusoro-HTTPS haishandiswe pakusarudza kushandiswa kwebrowser mumasisitimu anotungamirwa. DNS-pamusoro-HTTPS zvakare yakaremara kana vabereki kudzora masisitimu akaiswa. Kana paine kutadza kushanda kweDNS-pamusoro-HTTPS, zvinokwanisika kudzosera kumashure marongero kune yenguva dzose DNS. Kuti udzore kushanda kweDNS-pamusoro-HTTPS, sarudzo dzakakosha dzakawedzerwa kune zvigadziriso zvebrowser zvinokutendera kudzima DNS-pamusoro-HTTPS kana kusarudza mumwe mupi.
Ngatiyeukei kuti DNS-pamusoro-HTTPS inogona kubatsira kudzivirira kuburitswa kweruzivo nezve akakumbirwa mazita evatambi kuburikidza nemaseva eDNS evanopa, kurwisa MITM kurwiswa uye DNS traffic spoofing (semuenzaniso, kana ichibatanidza kune yeruzhinji Wi-Fi), kuverengera. kuvharira padanho reDNS (DNS-pamusoro-HTTPS haigone kutsiva VPN mukunzvenga kuvharira kunoitwa padanho reDPI) kana kuronga basa kana zvisingaite kuwana zvakananga DNS maseva (semuenzaniso, kana uchishanda kuburikidza neproxy). Kana zviri zvakajairika zvikumbiro zveDNS zvakatumirwa zvakananga kumaseva eDNS anotsanangurwa mukugadziriswa kwehurongwa, saka kana iri DNS-pamusoro-HTTPS chikumbiro chekutarisa iyo IP kero yakavharirwa muHTTPS traffic uye inotumirwa kuHTTP server, uko. iyo solver inogadzira zvikumbiro kuburikidza neWebhu API. Iyo iripo DNSSEC chiyero inoshandisa encryption chete kuratidza mutengi uye server, asi haidzivirire traffic kubva pakubata uye haivimbisi kuvanzika kwezvikumbiro.
Source: opennet.ru