Google Chrome has begun locking down an important type of communication that can leak private information to internet service providers or others who can snoop your web browser's network activity. Chrome 83, released Tuesday, incorporates a new technology called DNS over HTTPS.
Google, Mozilla and other allies have been trying to secure your connections to websites with the HTTPS technology, a move that prevents outsiders from actions like reading that email you're opening in Gmail or tampering with a website to insert ads. But ISPs, hotels, airports and others operating networks you might use often can see internet addresses for the sites you want to visit.
DOH is designed to stop that snooping possibility. It's an important measure in the gradual protection of everyday communications. Encryption once was reserved for highly sensitive communications like entering passwords or making purchases, but now with so much of our lives online, everything is sensitive.
Not everyone is a DOH fan, though, which is why it's notable Chrome is embracing it only somewhat tentatively. "By default, Chrome will automatically upgrade you to DNS-over-HTTPS if your current service provider supports it," Google product manager AbdelKarim Mardini said in a blog post.
That's very different from Firefox's approach, which turns it on by default in the United States and uses DNS services from a big network player called Cloudflare. Chrome also lets you pick another DOH provider like Cloudflare or Google itself or disable DOH altogether.
How DOH works
Every time your browser loads a website, it has to look up the numeric address for the website name you typed in -- for example, the internet address for google.com is 184.108.40.206. That lookup technology is called DNS, short for the Domain Name System. Today, DNS lookups aren't encrypted, which can reveal a lot about what you're doing online.
There are limits to DOH, though. For example, even after you've looked up an internet address with DOH, your browser then tells your ISP to shuttle data to and from that address. Another issue is that DOH can centralize DNS activity to particular DNS service providers like Google or Cloudflare.
That's why you'll see resistance to DOH from tech notables like Bert Hubert, developer of PowerDNS software, and Paul Vixie, who helped develop DNS.
Chrome is taking new measures to curtail how websites use small text files called cookies that have become a privacy problem on the web. First-party cookies from the site you're visiting can be useful for things like remembering your preferred language, what's in your shopping cart or that you're logged in. But those websites also can bring along third-party cookies from companies like advertisers that can use to track your browsing behavior across the web.
Chrome 83 adds an option to block third-party cookies. And when you're in Chrome's incognito mode, it'll block third-party cookies by default.
Third-party cookie blocking is already enabled by default in other browsers like Firefox and Safari, and Brave is even more protective. But Google, which dominates browser usage, is proceeding more cautiously with a longer-term Chrome project called the privacy sandbox. It's begun testing some in prototype form, but full third-party cookie blocking isn't scheduled to arrive until 2022.
Other Chrome 83 changes
Also in Chrome 83, Google is trying to make it easier to control some browser settings:
- A new "You and Google" setting lets you control how Chrome syncs your personal data, like browsing history, with Google.
- A reorganized "Site Settings" section lets you see which websites have access to sensitive phone or computer abilities -- the camera, microphone, location and notification system.
- A new puzzle-piece icon will get you faster access to Chrome extensions that customize the browser's behavior and what privileges you grant extensions.
- A new tool will alert you when passwords Chrome has stored have been compromised. It's part of a safety check section in Chrome settings, but similar warnings are in other browsers like Firefox and Microsoft Edge.