无论我们为避免在互联网上被跟踪付出多少努力,似乎都很难避免一件事——ISP 跟踪(ISP tracking)。由于没有法律阻止ISP进行监控,因此他们这样做也就不足为奇了。但是,如果您想阻止它们,有一个解决方案。在这篇文章中,我们将展示如何在Firefox、Chrome、Edge、Opera、Android和 iPhone中启用 DNS over HTTPS以(enable DNS over HTTPS)停止 ISP 跟踪(stop ISP tracking)。
什么是基于 HTTPS 的 DNS
当您在浏览器上键入网站地址时,它会使用DNS服务定位 IP 地址。除非另有配置,否则此DNS由您的ISP提供。这意味着他们知道您要去哪里以及在做什么,从而更容易跟踪和创建个人资料。
可以阻止的隐私解决方案称为DNS over HTTPS。它使用相同的加密标准并通过HTTPS执行(HTTPS)DNS解析。它确保使用加密来防止中间人攻击。另一个好处是提高了性能。谷歌(Google)和Mozilla 基金会(Mozilla Foundation)从去年开始测试基于HTTPS的DNS版本。(DNS)
阅读(Read):
阻止 ISP 跟踪
虽然整个事情都在测试中,但您仍然可以使用Firefox浏览器来拥有它。该浏览器提供加密技术和加密的DNS服务提供商。它已与Cloudflare(Cloudflare)签署了一项协议,以清除其收集的任何数据,并且不将其提供给任何其他方。Mozilla即将在相同条款下与其他DNS提供商签约。(DNS)
1]如何(How)在Firefox中启用基于HTTPS的DNS
- 打开火狐(Firefox),点击浏览器右上角的汉堡菜单或三横线图标。
- 单击选项(Click Options)以打开设置窗口。
- 滚动到底部以找到Network Settings >单击设置按钮。
- 它将打开连接(Connection)设置弹出窗口。
- 在底部,选中“通过 HTTPS 启用 DNS(Enable DNS over HTTPS) ”旁边的框。
截至目前,唯一可用的提供商Cloudflare。它是默认提供程序,但随着更多选项的出现,您应该能够更改它。
2]为Chrome启用DNS over HTTPS
如果您想在任何使用Cloudflare或任何列出的DNS over HTTPS公共服务器的浏览器上启用(HTTPS)DoH,您将需要在浏览器中使用参数。当使用这些参数启动浏览器时,所有查询都会首先加密。这是在Chrome上执行此操作的方法。
查找(Find)或创建Chrome 快捷方式(Chrome Shortcut)。每次要使用DoH时都应使用此快捷方式。
现在,右键单击Chrome快捷方式并选择属性。
在Shortcut Tab > Target中,在末尾添加以下 URL -
--enable-features="dns-over-https<DoHTrial" --force-fieldtrials="DoHTrial/Group1" --force-fieldtrial-params="DoHTrial.Group1:server/https%3A%2F%2F1.1.1.1%2Fdns-query/method/POST
单击(Click)Save,然后使用相同的快捷方式再次启动Chrome 。在进行任何更改之前,它将提示管理员权限。
前往Cloudflare 检查器(Cloudflare checker),了解您是否使用基于 HTTPS(HTTPS)的DNS
如果您想使用其他DoH服务器,这里还有更多内容(more here)。因此,例如,如果您想使用Google DoH,那么查询URL应该是 https://dns.google/dns-query。您需要在Chrome快捷方式中添加的文本应该是 -
--enable-features="dns-over-https<DoHTrial" --force-fieldtrials="DoHTrial/Group1" --force-fieldtrial-params="DoHTrial.Group1:server/https%3A%2F%2Fdns.google%2Fdns-query/method/POST
更新(UPDATE):Chrome 现在正式支持基于 HTTPS 的 DNS。
您将在Chrome 83及更高版本的Settings > Privacy和安全”下看到它。
3]为 Microsoft Edge启用(Enable DNS)基于 HTTPS(HTTPS)的DNS
也就是说,即使Edge使用的是(Edge)Chromium,相同的设置也不起作用。因此,Edge(So Edge)用户将不得不等到微软(Microsoft)将其集成到他们的浏览器中。但是,如果您准备好进行实验(ready to experiment),您可以启用实验标志 - 安全DNS查找。
- 启动 Edge,然后输入 edge://flags
- 搜索安全 DNS 查找
- 启用标志并重新启动浏览器。
以下是安全 DNS(Secure DNS)查找的说明:启用基于 HTTPS(HTTPS)的DNS。启用此功能后,您的浏览器可能会尝试使用安全的HTTPS连接来查找网站地址和其他网络资源。– Mac、Windows。
虽然它应该启用,但我不确定它到底是如何工作的。我建议您注意它即将登陆 Edge(Edge)的事实,但更多细节只有在最终版本或 beta 版本时才可用。
阅读(Read):Microsoft 在 Windows 10 上支持 DNS over HTTPS。
4]在Android或 iPhone上通过HTTPS设置 DNS(Setup DNS)
大多数移动操作系统(Mobile OS)都允许您编辑DNS设置。由于您需要使用Cloudflare,因此最简单的方法是在您的智能手机上安装Cloudflare应用程序。一个简单的开关将确保您的手机开始使用DNS。
从 1.1.1.1下载应用程序(Download the app),然后打开开关以开始使用加密的DNS。这样做,任何访问互联网的东西都将使用DNS over HTTPS服务。您的所有流量都将被加密,使您免受窥探者和黑客的侵害。
5]在Opera中启用DNS over HTTPS
打开 Opera,在地址栏中输入opera://flags/#opera-dohEnter打开此设置 -
从下拉列表中,选择已启用(Enabled)。
阅读下一篇(Read next):为什么还要将 VPN 软件用于安全和隐私(Why use a VPN software also for Security and Privacy)?
Enable DNS over HTTPS in Firefox, Chrome, Edge, Opera, Android, iPhone
No mаtter how much effort we put in tо avoid getting tracked оn the internet, there is one thing that seems tough to аvoid — ISP tracking. Since no law stops ISP from monitoring, it comes as no surprise that they are doing it. However, there is a solution if you want to stop them. In this post, we will show how you can enable DNS over HTTPS in Firefox, Chrome, Edge, Opera, Android & iPhone to stop ISP tracking.
What is DNS over HTTPS
When you type a website address on your browser, it locates the IP address using a DNS service. This DNS, unless configured otherwise, is offered by your ISP. It means they know where you are going and what you are doing, making it a lot easier to track and create a profile.
The privacy solution that can stop is called DNS over HTTPS. It uses the same standard of encryption and performs DNS resolution via HTTPS. It makes sure to keep man-in-the-middle attacks at bay using encryption. Another benefit is improved performance. Google and the Mozilla Foundation started testing versions of DNS over HTTPS since the last year.
Read:
Block ISP tracking
While the whole thing is under testing, you can still have it by using the Firefox browser. The browser offers both the encryption technology and an encrypted DNS service provider. It has signed up an agreement with Cloudflare to purge any data it collects and not provide it to any other parties. Mozilla is close to signing on additional DNS providers under the same terms.
1] How to enable DNS over HTTPS in Firefox
- Open Firefox and click on the hamburger menu or the three horizontal lines icon in the upper right corner of the browser.
- Click Options to open the settings window.
- Scroll to the bottom to find Network Settings > click on the settings button.
- It will open the Connection settings popup window.
- At the bottom, check the box next to “Enable DNS over HTTPS.”
As of now, the only provider available Cloudflare. It is the default provider, but as more options show up, you should be able to change it.
2] Enable DNS over HTTPS for Chrome
If you want to enable DoH on any browser using Cloudflare or any of the listed DNS over HTTPS public servers, you will need to use parameters with the browsers. When the browser is launched with those parameters, all queries are encrypted first. Here is how you can do it on Chrome.
Find or create a Chrome Shortcut. You should use this shortcut every time you want to use DoH.
Now, right-click on the Chrome shortcut and select Properties.
In the Shortcut Tab > Target, add the following URL at the end-
--enable-features="dns-over-https<DoHTrial" --force-fieldtrials="DoHTrial/Group1" --force-fieldtrial-params="DoHTrial.Group1:server/https%3A%2F%2F1.1.1.1%2Fdns-query/method/POST
Click on Save, and launch Chrome again using the same shortcut. It will prompt for admin permission before making any changes.
Head over to Cloudflare checker to know if you are using DNS over HTTPS
If you want to use some other DoH server, there is more here. So, for example, if you want to use Google DoH, then the query URL should be https://dns.google/dns-query. The text which you need to add in Chrome shortcut should be-
--enable-features="dns-over-https<DoHTrial" --force-fieldtrials="DoHTrial/Group1" --force-fieldtrial-params="DoHTrial.Group1:server/https%3A%2F%2Fdns.google%2Fdns-query/method/POST
UPDATE: Chrome now officially supports DNS over HTTPS.
You will see it in Chrome 83 and later under Settings > Privacy and security.
3] Enable DNS over HTTPS for Microsoft Edge
That said, the same settings don’t work on Edge even though it’s using Chromium. So Edge users will have to wait until Microsoft integrates it into their browser. However, if you are ready to experiment, you can enable an experimental flag—Secure DNS lookups.
- Launch Edge, and type edge://flags
- Search for Secure DNS lookups
- Enable the flag and restart the browser.
Here is the description for Secure DNS lookups: Enables DNS over HTTPS. When this feature is enabled, your browser may try to use a secure HTTPS connection to look up the addresses of websites and other web resources. – Mac, Windows.
While it should enable, I am not sure which how exactly it is working. I would suggest that you be aware of the fact that its coming to Edge, but more details will be available only when it comes to the final or the beta version.
Read: Microsoft supports DNS over HTTPS on Windows 10.
4] Setup DNS over HTTPS on Android or iPhone
Most of the Mobile OS offers you to edit DNS settings. Since you need to use Cloudflare, the easy way is to install the Cloudflare app on your smartphone. A simple switch will make sure your phone starts using DNS.
Download the app from 1.1.1.1, and toggle the switch on to start using encrypted DNS. Done that, anything which accesses the internet will use DNS over HTTPS service. All your traffic will be encrypted, making you secure from snoopers and hackers.
5] Enable DNS over HTTPS in Opera
Open Opera, type opera://flags/#opera-doh in the address bar and hit Enter to open this setting-
From the drop-down, select Enabled.
Read next: Why use a VPN software also for Security and Privacy?