Two new projects just launched that could hinder internet-service providers’ ability to eavesdrop on their customers, helping internet users protect their data from hackers and advertisers alike.
Both projects do so by upgrading DNS, the internet’s address book, so ISPs cannot easily see what web page users are navigating to, according to Fast Company.
For the first project, Mozilla and Cloudflare launched a privacy remedy on Monday that uses a new encrypted version of DNS.
DNS, the domain name system, translates addresses of websites to numerical representations, called IP addresses. Users are automatically connected to an ISP’s own DNS server when they log on to a home router or public hotspot, or when their cell phone connects to the network. In the process, the ISP gets a log of everywhere you go online. Users can, however, plug the IP address of a different DNS server into their computer’s or phone’s operating system.
So Cloudfare launched a new, encrypted DNS at the address 126.96.36.199—available to any internet user—and partnered with Mozilla to support an encrypted connection with the Firefox web browser. By connecting to this DNS, it should leave ISPs in the dark.
Cloudfare has instructions on its website to walk users through setting up a device to use its DNS server and then setting up an encrypted connection on the Firefox web browser.
To protect its customers, Cloudfare hired a third-party auditor, KPMG, to certify that it doesn’t keep any of the information about people’s web surfing that passes through its servers.
“[W]e will not retain or give away or sell information that we receive from this,” Cloudflare CEO Matthew Prince said.
Meanwhile, researchers at Princeton have proposed another DNS tweak that takes protecting information a step further, by making the data unavailable to anyone—not even the service facilitating the DNS connection.
Nick Feamster, a Princeton computer science professor who specializes in networking technology, just introduced Oblivious DNS— using an extra layer of encryption to separate the IP address of the person requesting a web page from the address of the actual page they are requesting.
Both projects show that researchers may have finally been able to fill up this privacy hole online.
“This is one of the biggest security holes that we’ve been trying to patch for 20 or 30 years,” Erica Portnoy, staff technologist at the Electronic Freedom Foundation, said. “This is finally something that might actually work, which is honestly amazing.”
Correction: A previous version of this story contained a technically inaccurate headline. Internet-service providers can always track your IP address because they assigned it. But these tools change your IP address and mask the websites that you visit.