Microsoft adds DNS over HTTPS support for Windows Insiders

David Matthews

Why it matters: DNS is one of the last protocols that run unencrypted on the Internet. Microsoft is trying to fix that on Windows by enabling DNS over HTTPS support. This allows DNS queries to be encrypted and protects user privacy.

Microsoft is adding support for the DNS over HTTPS (DoH) protocol for Windows Insiders in the Fast Ring. This is the most experimental Insider channel, which lets users test new features before they reach everyone else.

As avid TechSpot readers likely know, DNS stands for Domain Name System and translates human-readable domain names into IP addresses. Unfortunately, while most web traffic is encrypted using HTTPS, DNS queries are not. DoH fixes this by carrying DNS queries and responses inside HTTPS.

Specifically, the client sends its DNS query to a special DNS server called a DoH resolver as an ordinary HTTPS request. The resolver terminates the TLS connection, extracts the DNS message, resolves it (or forwards it to a conventional upstream DNS server), and sends the answer back to the user in the HTTPS response. To anyone watching the network, the exchange looks like any other HTTPS traffic to that server.

Mozilla has already enabled DoH in Firefox, while Google is testing the feature in Chromium. In fact, you can enable it now by turning on the flag in chrome://flags or edge://flags. However, enabling DoH at the browser level introduces problems for enterprise customers, because the browser bypasses the operating system's resolver and with it any DNS-based filtering and resolution of internal names, and it still does nothing for non-browser applications, which keep using the system resolver.

By baking DoH support into the operating system's resolver, Microsoft lets system administrators keep control over how DNS requests are resolved and filtered while also enhancing privacy for regular consumers. The company detailed why Windows needed DoH back in November, emphasizing that privacy is a human right and that cybersecurity should be "built into technology."

If you are part of the Windows Insider Program and don't mind editing the Windows registry, follow the steps Microsoft published to activate DoH.

This seems fine and all, but doesn't your ISP's routers still need to see the address you want to connect to, and won't they just do a reverse DNS on those addresses anyway?
 
The name vs. IP resolution is totally in the DNS, but once so resolved, the ISP gateway router sends the request to the next hop. That should be via the routing table without examination, but one can never be sure.