Will be enabled by default for every new connection

Apr 13, 2018 17:55 GMT

Google announced today that it is bringing DNS over TLS support to the upcoming Android P release of its Linux-based mobile operating system, for an extra layer of protection and better privacy.

By design, Domain Name System (DNS) requests are sent over a plaintext connection; DNS over TLS instead carries the resolution to the remote DNS server over the secure Transport Layer Security (TLS) protocol. Google wants to make its Android operating system more secure for all users, and it has implemented DNS over TLS support in the latest Android P Developer Preview.

"The Android P Developer Preview includes built-in support for DNS over TLS. We added a Private DNS mode to the Network & internet settings," said Erik Kline, Android software engineer. "By default, devices automatically upgrade to DNS over TLS if a network's DNS server supports it. But users who don't want to use DNS over TLS can turn it off."

How DNS over TLS works in Android P

The new DNS over TLS support implemented in Android P automatically secures all DNS queries from installed apps that want to access the Internet. It will be enabled by default for all users who upgrade to Android P later this year, but it won't work with apps that perform their DNS queries using their own APIs instead of the system's default ones.

To use a private DNS provider, users will have to enter a hostname. Then, all DNS queries will be sent by the Android operating system to the respective DNS server over the secure TLS (Transport Layer Security) protocol. If these private DNS servers can't be reached, they will be marked as "No internet access."
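To make the hostname-based mode concrete, here is an added sketch (not code from Google, Android or this article) of a single DNS over TLS lookup as RFC 7858 defines it: an ordinary DNS message, length-prefixed as in DNS over TCP, sent to port 853 over a TLS session whose certificate must validate for the provider hostname. All function names are illustrative assumptions, and failures raise instead of falling back to plaintext.

```python
import socket, ssl, struct

DOT_PORT = 853  # port assigned to DNS over TLS by RFC 7858

# Helper names below are hypothetical, chosen for this example only.
def build_query(name, qtype=1, txid=0x1234):
    """Encode one DNS question (qtype 1 = A) with the recursion-desired flag."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def frame(msg):
    """DoT reuses DNS-over-TCP framing: 2-byte big-endian length, then message."""
    return struct.pack("!H", len(msg)) + msg

def unframe(buf):
    """Return the first complete DNS message in buf, or None if still partial."""
    if len(buf) < 2:
        return None
    (n,) = struct.unpack("!H", buf[:2])
    return buf[2:2 + n] if len(buf) >= 2 + n else None

def strict_context():
    """The certificate must chain to a trusted CA and match the hostname."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED, check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def resolve_over_tls(provider_hostname, name, timeout=5.0):
    """One query to provider_hostname:853; any TLS or network error propagates."""
    # Note: connecting by name first resolves provider_hostname itself through
    # the system resolver, so that bootstrap lookup is not protected here.
    with socket.create_connection((provider_hostname, DOT_PORT), timeout) as raw:
        with strict_context().wrap_socket(
                raw, server_hostname=provider_hostname) as tls:
            tls.sendall(frame(build_query(name)))
            buf = b""
            while unframe(buf) is None:
                chunk = tls.recv(4096)
                if not chunk:
                    raise ConnectionError("closed before a full reply")
                buf += chunk
            return unframe(buf)

def rcode(reply):
    """Response code from the DNS header (0 = NOERROR, 3 = NXDOMAIN)."""
    return reply[3] & 0x0F
```

Defining these functions performs no network I/O; only a call to resolve_over_tls() with a real provider hostname opens a connection.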

Android application developers will be able to integrate DNS over TLS support in their apps using the new LinkProperties.isPrivateDnsActive() API provided by Google with the Android P Developer Preview, which is available to download for testing purposes. Google hopes all operating systems will include secure transports for DNS in the future.