logo
logo
Sign in

DNS Privacy: Solutions emerging, but deployment lags

avatar
Roland Baker
DNS Privacy: Solutions emerging, but deployment lags

For some Internet users, anonymity is critically important and a service like ToR exists to obfuscate the location and browsing habits of ToR users. Even ToR users have a need to resolve names using DNS however (for non-hidden services) and they are then vulnerable to the exit relay operator’s DNS configuration. The addition of DNS data to existing attack techniques makes attacks more precise, especially for infrequently visited websites (e.g. dissident sites). Exit relay operators are therefore advised to run their own resolvers with QNAME minimisation. In the long term, adding confidentiality to DNS is necessary to prevent it being used as a vector for de-anonymisation of ToR users.

Curiously, ToR was also discussed as a potential solution to the problem of DNS recursive resolver logs falling into the wrong hands. Incorporating a micropayment solution to align incentives and using ToR to anonymise traffic could create a recursive resolution service that wouldn’t have the logging vulnerability problems we see today. Latency of such a service would however be an issue in many cases, which brings me to my next point.

For more details: Professional Whiteboard Video Cost

collect
0
avatar
Roland Baker
guide
Zupyak is the world’s largest content marketing community, with over 400 000 members and 3 million articles. Explore and get your content discovered.
Read more