
Cloudflare, a web-infrastructure and website-security company, has teamed up with Apple to give internet users a more privacy-friendly internet protocol. Called Oblivious DNS over HTTPS (ODoH), the new protocol is meant to protect users against server operators using or selling user data that allows users' internet histories to be tracked.

When a user clicks on a search engine hyperlink, their browser sends the request to a DNS server, which converts the URL to the IP address of the site they wish to visit. That information is relayed back to the browser, which then sends a request to the ISP, which then forwards the request to other servers on the internet. While the system has proven to work well, it has one major problem, at least from the users' perspective: it allows the ISP to track every website the user visits. It also allows others who intercept such requests to see who sent a request and to whom it was sent. That has led browser makers to encrypt such requests, which solves the latter problem but not the former. In this new effort, Cloudflare, Apple and Fastly have added a new idea to routing browser requests: a proxy server situated between the user and their DNS server to fix both problems.

A proxy by itself would not solve the problem because the proxy owner would then be in a position to sell user data. So the collaborators added encryption to keep the proxy server from reading the message sent along with the request. The proxy then relays the request to the DNS server, which can read the message but cannot see where it originated. Thus, neither can track a given user's internet history unless, of course, as Cloudflare posts on its blog, the owners of the proxy server collude with the owners of the DNS server (generally the ISP). This would then put the onus on users to ensure their own privacy. If they suspect collusion between the proxy they are using and the people running their DNS server, they are free to change the browser settings to choose other providers.
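The split of knowledge described above, and the collusion caveat, can be modelled in a few lines. This is an added example, not code from the article or from Cloudflare, and it is not real ODoH: a toy Diffie-Hellman exchange and hash keystream stand in for the protocol's public-key encryption (HPKE), only the query direction is modelled, and all class names, addresses and domain names are constructed for illustration.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group and hash keystream: stand-ins for real public-key
# encryption, chosen only so the example runs on the standard library.
P = 2**255 - 19
G = 2

def derive_key(shared: int) -> bytes:
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def xor_stream(key: bytes, data: bytes) -> bytes:
    """XOR data with a SHA-256 counter keystream (unauthenticated toy cipher)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], pad))
    return bytes(out)

class Resolver:
    """DNS server: can decrypt the query, but its only peer is the proxy."""
    def __init__(self):
        self.priv = secrets.randbelow(P - 2) + 1
        self.pub = pow(G, self.priv, P)
        self.log = []  # (peer address, ciphertext, decrypted name)

    def handle(self, peer_ip, eph_pub, ct):
        name = xor_stream(derive_key(pow(eph_pub, self.priv, P)), ct).decode()
        self.log.append((peer_ip, ct, name))

class Proxy:
    """Relay: sees the client address, but only ciphertext."""
    def __init__(self, resolver, ip="198.51.100.7"):  # constructed address
        self.resolver, self.ip, self.log = resolver, ip, []

    def forward(self, client_ip, eph_pub, ct):
        self.log.append((client_ip, ct))
        self.resolver.handle(self.ip, eph_pub, ct)

def client_query(client_ip, name, proxy, resolver_pub):
    """Encrypt the name to the resolver's public key, send it via the proxy."""
    eph = secrets.randbelow(P - 2) + 1
    ct = xor_stream(derive_key(pow(resolver_pub, eph, P)), name.encode())
    proxy.forward(client_ip, pow(G, eph, P), ct)

def collude(proxy, resolver):
    """Pooling both logs and joining on ciphertext re-links address and name."""
    names = {ct: name for _, ct, name in resolver.log}
    return [(ip, names[ct]) for ip, ct in proxy.log if ct in names]
```

Taken separately, the proxy log holds only client addresses with ciphertext and the resolver log holds only the proxy's address with query names; `collude` shows why the privacy guarantee depends on the two operators keeping their logs apart.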