Google has announced that it has added support for the DNS-over-HTTP/3 (DoH3) protocol in Android 11 and later versions of its mobile operating system, which should improve the privacy of DNS queries as well as performance.
Let me remind you that we also wrote that experts described how Android malware infiltrates the Google Play Store.
In addition, some Android 10 devices that have already implemented Google Play Store system updates will receive the new feature. End users do not need to do anything to enable the new feature; Android will do it automatically.
HTTP/3 is the third version of the Hypertext Transfer Protocol and is based on QUIC, a multiplexed transport protocol built on UDP rather than on TCP as in previous versions. The new protocol eliminates the so-called "head-of-line blocking" problem, which slows down data transfer if a packet is lost or reordered, which is quite common on mobile connections and with frequent connection switching.
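A small simulation of the head-of-line blocking described above, as an added example that is not part of the original article. The timing values (10 ms spacing, 50 ms one-way delay, 200 ms retransmission timeout) and all function names are assumptions chosen for illustration.

```python
"""Head-of-line blocking: one ordered byte stream vs. independent streams."""
from statistics import median


def arrival_times(n, lost, interval_ms=10, one_way_ms=50, rto_ms=200):
    """Arrival time of each of n single-packet DNS responses.

    Response i is sent at i * interval_ms. A response whose index is in
    `lost` is dropped once and retransmitted after rto_ms (assumed values).
    """
    times = []
    for i in range(n):
        sent = i * interval_ms
        if i in lost:
            sent += rto_ms  # first copy lost, retransmission goes out later
        times.append(sent + one_way_ms)
    return times


def deliver_ordered(arrivals):
    """TCP-like: bytes reach the application strictly in order, so a
    response waits for every response that was sent before it."""
    delivered, latest = [], 0
    for t in arrivals:
        latest = max(latest, t)
        delivered.append(latest)
    return delivered


def deliver_per_stream(arrivals):
    """QUIC-like: each response travels on its own stream, so a loss only
    delays the stream that the lost packet belonged to."""
    return list(arrivals)


def query_latencies(delivered, interval_ms=10):
    """Delay seen by the application, measured from each send time."""
    return [t - i * interval_ms for i, t in enumerate(delivered)]


if __name__ == "__main__":
    # Constructed scenario: 5 responses, the second one (index 1) is lost.
    arrivals = arrival_times(5, lost={1})
    for name, deliver in (("ordered", deliver_ordered),
                          ("per-stream", deliver_per_stream)):
        lat = query_latencies(deliver(arrivals))
        print(f"{name:10s} latencies={lat} median={median(lat)} ms")
```

With a single loss, every later response on the ordered stream inherits the retransmission delay, while on independent streams only the lost response is late.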
Previously, Android 9 and later versions supported DNS-over-TLS (DoT), which increased the privacy of DNS queries but inevitably slowed them down because of the additional resources consumed by encryption. In addition, DoT required a new connection to be negotiated each time the network changed, whereas QUIC is able to resume a suspended connection in one RTT (round-trip time: the time taken to send the signal plus the time it takes to confirm that the signal was received).
Thus, DoH3 solves many of the performance problems inherent in DoT. According to tests conducted by Google, the increase in performance (median query time) is 24%, and in some cases up to 44%.
Another advantage of DoH3 is the use of a DNS resolver written in Rust. It is expected that this implementation will significantly reduce the risk of vulnerabilities.
It is noted that DNS-over-HTTPS is already widely supported by many DNS providers to provide increased privacy when making DNS queries. Since Google supports DNS-over-HTTP/3 and DNS-over-QUIC, which is now a proposed standard, it is likely that these technologies will become even more widespread among DNS providers soon. In the meantime, as part of the launch of this feature on Android devices, Cloudflare DNS and Google Public DNS, which already support DNS-over-QUIC, will be used.
In the future, Google plans to add support for other DoH3 providers through the Discovery of Designated Resolvers (DDR), which will automatically select the best provider for a given configuration.