Apple devices will get encrypted DNS in iOS 14 and macOS 11

(Image credit: Shutterstock)

Apple recently announced that the next versions of iOS and macOS will include support for handling encrypted DNS communications.

In a presentation at WWDC 2020, the company said that when iOS 14 and macOS 11 release this fall, both operating systems will support DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT).

When a user visits a website, their browser sends domain name system (DNS) queires to DNS servers which translate domain names into IP addresses. Traditionally these queries are not encrypted and sent in clear text which has allowed third parties and even Internet Service Providers (ISPs) to snoop on the websites users visit online.

By using DoH or DoT, web browsers and apps can make DNS queries and receive DNS responses in an encrypted format and this helps prevent unwanted tracking online.

Encrypted DNS

Apple will add new functions and features to its app development frameworks to allow developers to either create new apps or update their existing apps to use either DoH or DoT to encrypt DNS traffic.

According to Apple software engineer Tommy Pauly who gave the presentation, developers can create apps to apply DoH or DoT settings to the entire operation system, to individual apps or to an app's selected network requests.

Developers will also be able to write “rules” to enable support for encrypted DNS communications only in certain situations or contexts. For example, encrypted DNS could be turned on when a user leaves their corporate network and switches to mobile data while away from the office or traveling.

If for some reason a network provider decides to block encrypted DNS communications on their network, Apple is planning to warn users with a message that explains that the names of websites and other servers their device accesses on that network could be monitored and recorded.

The addition of encrypted DNS is great news for iPhone, iPad and Mac users though Apple is a bit late to the party as Mozilla, Google and Microsoft already support encrypted DNS communications in their respective software. 

Via ZDNet

TOPICS
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
US President Donald Trump speaks to the press as he signs an executive order to create a US sovereign wealth fund, in the Oval Office of the White House on February 3, 2025, in Washington, DC.
US set to pause cyber-offensive operations against Russia - but CISA says it won't stop
Web DDoS attacks see major surge as AI allows more powerful attacks
Polish space agency says it was hit by a cyberattack
A pair of hands using a keyboard
Microsoft SharePoint hijacked to spread Havoc malware
Microsoft
Microsoft names cybercriminals who created explicit deepfakes
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
More reports claim 2024 was the worst year for ransomware attacks yet
Latest in News
Apple iPad A16
Apple's new entry-level iPad doubles the storage and ups the performance, but doesn't raise the price
iPad Air M3
Apple updates iPad Air with powerful M3 chip and pairs it with Pro-level Magic Keyboard
Nvidia RTX 5070 Founders Edition GPU shown against a green and black backdrop
Nvidia RTX 5070 early pricing hints at plenty of GPUs at the MSRP – but I’ll believe it when I see it
US President Donald Trump speaks to the press as he signs an executive order to create a US sovereign wealth fund, in the Oval Office of the White House on February 3, 2025, in Washington, DC.
US set to pause cyber-offensive operations against Russia - but CISA says it won't stop
Guitar Hero Mobile
Activision shares first look at Guitar Hero Mobile and, yeah, it looks like AI slop
Web DDoS attacks see major surge as AI allows more powerful attacks