The day before yesterday, June 28, Microsoft released a Windows 11 build for Insiders in which enthusiasts discovered a rather interesting and useful feature: DNS-over-HTTPS. With it, DNS queries are sent over an encrypted HTTPS connection that is almost impossible to trace, which improves the protection of the user's confidential information. For example, this technology makes it possible to bypass censorship mechanisms and almost completely rules out spoofing attacks, which, of course, raises the level of security in the new OS.
It is worth noting that many Chromium-based browsers (Google Chrome, Microsoft Edge) and Mozilla Firefox already have built-in support for DNS-over-HTTPS. That support, however, works only within the browser itself: the user gets encryption only in that specific application, while the rest of the software remains unprotected. Now that the technology is available at the system level, the number of potential threats is likely to decrease significantly, since in Windows 11, when the function is activated, encryption applies to all running software.
Microsoft had already launched DNS-over-HTTPS earlier, in Windows 10 Insider build 20185, but the feature was quickly turned off. Now anyone can go to the system “Settings”, open the “Network and Internet” menu, go to the “Ethernet / wireless” section and change the value of the selected DNS server. Many additional options and settings, and flexible DNS configuration, are also available through the Group Policy editor.
Currently, Microsoft has named three DNS providers whose servers support DNS-over-HTTPS and automatically run the feature on Windows 11:
- Cloudflare: DNS servers 1.1.1.1 and 1.0.0.1.
- Google: DNS servers 8.8.8.8 and 8.8.4.4.
- Quad9: DNS servers 9.9.9.9 and 149.112.112.112.
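
To check which of a machine's configured DNS servers appear in the system's list of known DNS-over-HTTPS servers, the following PowerShell audit can be used. It is an added example, not code from Microsoft or from this article; the function name `Get-DohCoverage` is hypothetical, and it assumes a Windows build whose DnsClient module provides `Get-DnsClientDohServerAddress`.

```powershell
# Added example: report, per network interface, whether each configured DNS
# server is on the system's known DNS-over-HTTPS list.
function Get-DohCoverage {
    param(
        # Objects shaped like Get-DnsClientServerAddress output
        [object[]] $Interfaces,
        # Objects shaped like Get-DnsClientDohServerAddress output
        [object[]] $KnownDoh
    )
    # Index the known DoH servers by IP address for constant-time lookup
    $index = @{}
    foreach ($entry in $KnownDoh) { $index[[string]$entry.ServerAddress] = $entry }

    foreach ($nic in $Interfaces) {
        foreach ($addr in $nic.ServerAddresses) {
            $hit = $index[[string]$addr]
            [pscustomobject]@{
                Interface   = $nic.InterfaceAlias
                DnsServer   = $addr
                KnownDoh    = [bool]$hit
                Template    = if ($hit) { $hit.DohTemplate } else { $null }
                UdpFallback = if ($hit) { $hit.AllowFallbackToUdp } else { $null }
            }
        }
    }
}

# Constructed sample input (not captured from a real host): one resolver from
# the list above and one RFC 5737 documentation address that is not on it.
$sampleInterfaces = @(
    [pscustomobject]@{ InterfaceAlias = 'Ethernet'; ServerAddresses = @('1.1.1.1', '192.0.2.53') }
)
$sampleKnown = @(
    [pscustomobject]@{ ServerAddress = '1.1.1.1'; AllowFallbackToUdp = $false
                       DohTemplate = 'https://cloudflare-dns.com/dns-query' }
)
Get-DohCoverage -Interfaces $sampleInterfaces -KnownDoh $sampleKnown | Format-Table -AutoSize

# Live audit: runs only where the DoH cmdlet is available
if (Get-Command Get-DnsClientDohServerAddress -ErrorAction SilentlyContinue) {
    Get-DohCoverage -Interfaces (Get-DnsClientServerAddress) `
                    -KnownDoh (Get-DnsClientDohServerAddress) |
        Where-Object { -not $_.KnownDoh } |
        Format-Table -AutoSize
}
```

The live audit lists only the servers that are not on the known list, which are the ones to review if the goal is for all system DNS traffic to be encrypted.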