Microsoft has reinstated DNS over HTTPS (DoH) in the Chromium-based Edge browser. The Windows 10 OS maker had quietly stripped the facility earlier this year citing performance issues.
After quietly removing or disabling DNS-over-HTTPS (DoH) in all Edge browser’s development channels in February this year, Microsoft has brought the feature back. DoH encrypts even the web addresses so that the entire chain of information is secure from attack.
Alternative DNS service providers for DoH are back and showing up in all Edge insider channels:
Microsoft had introduced the ability to encrypt DNS or website addresses quite some time back. However, in February 2021, the company removed the list of DNS providers from Edge Security settings.
The setting abruptly disappeared in all experimental versions of Microsoft Edge web browsers. In other words, Beta, Dev, and Canary channels of the Microsoft Edge browser lacked the setting.
The stable channel of the Edge web browser had the DNS-over-HTTPS setting. However, with the other channels losing the feature, users feared Microsoft might be retiring the same.
Microsoft brings back DNS-over-HTTPS to Edge – https://t.co/xgWrwqH7Yt pic.twitter.com/sFfFEcmuM9
— MSPoweruser (@mspoweruser) March 19, 2021
Microsoft has now reinstated the ability to choose a third-party DNS resolver. There are quite a few DoH service providers such as:
- OpenDNS
- NextDNS
- Google PublicDNS
- Cloudflare
- Quad9
- CleanBrowsing (Family filter)
Microsoft Edge does come with Secure DNS as the default provider. However, the company is offering several alternatives.
Microsoft has reportedly indicated that few performance issues prevented the rollout of DNS-over-HTTPS in the development channels during the upgrade process.
How to access and use DNS-over-HTTPS (DoH) in the Microsoft Edge web browser?
With regular DNS resolvers, a DNS query travels over an unencrypted connection. This means the website address is easily viewable.
An ISP (Internet Service Provider) might not be able to log the actual information, but it will know the name of the website visited. This makes using a secure connection only partially useful.
Secondly, unencrypted DNS is easy for a Man-In-The-Middle to change DNS answers to route unsuspecting visitors to their phishing, malware, or surveillance site. Such DNS attacks are quite common for unsecured websites as well.
Friends tell friends to enable DoH (dns over https):
Chrome:
visit chrome://flags/#dns-over-httpsFirefox:
find “Enable DNS over HTTPS” in settingsBrave:
visit brave://flags/#dns-over-httpsEdge (chromium version):
visit edge://flags/#dns-over-https— Rogério Vicente (@rogeriopvl) March 12, 2020
DoH offers DNS resolution over an HTTPS endpoint or simply put, web address queries are encrypted. When users choose DNS over HTTPS endpoint instead of sending DNS queries over plaintext, they are protecting the complete chain of information.
Microsoft has cautioned that DoH is not without consequences. The system may cause issues when browsing some local or enterprise sites.
Users who wish to use DNS-over-HTTPS in Edge can try out a new DNS provider by going to Edge Settings > Privacy and scroll to Security > Use secure DNS to specify how to lookup the network address for websites.