iOS 14でDNS暗号化に対応 重要性と暗号化方式

今回はDNS暗号化の重要性、DNS over TLSとDNS over HTTPSの違い、とiOS 14でDNSを暗号化する方法などを解説します。 iOS 14では、ウィジェットが追加できるようになったことや、デフォルトのメールアプリやブラウザを変更できるようになったことなどが注目を集めていますが、実は裏でひっそりiOS 14ではDNSの暗号化をネイティブサポートしていたのです。 DNSの危険性と暗号化の重要性 WWDC 2020でAppleはこのように述べています。 Enable encrypted DNS Your devices are using DNS every time you access the internet. When your app accesses a website, the system asks a question, a DNS query, to turn that name into a set of addresses. Generally, the question is sent to a DNS server configured by your local network. So where does privacy come into the picture? One concern is that DNS questions and answers are usually sent over an unencrypted transport, UDP. That means that other devices on the network can not only see what names you’re looking up, but they can even interfere with the answers. The other privacy concern is that you may not trust the DNS resolver on your local network. If you’ve joined a public Wi-Fi network, your internet usage could be tracked or blocked. ...

Posted 2020-11-01 ·  Konoka-Iori ·  Knowledge