DNS over HTTPS on by default is wrong.
The Internet is and was designed to be decentralized and open. This freedom is unequivocally how the Internet, and every other technology we love thrived and grew into what it is today. However, as time goes on the Internet is becoming radically centralized in the hands of a few companies (i.e., big tech in bed with the government – you know who they are). As more of our lives are spent online these big-tech companies, instead of trying to make the world a better place, are focused on monitoring and controlling us behind the curtain of “privacy” and “security for you”.
Enter DNS, one of the original Internet protocols that’s sole job is to map a server IP address to a friendly name. DNS happens before you do anything online and we cannot surf the Internet without it. Example, Google.com is a friendly name that maps to thousands of server IPs behind the scenes around the world. No human can remember all the server IPs (ex: 22.214.171.124), but we can all remember ‘google.com’.
This also makes DNS uniquely a powerful Internet content filter giving the DNS provider the ability to control what can be accessed by its users. DNS is probably the most widely used parental control / Internet security method in the world today.
DNS over HTTPS (DoH) is a new protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. DoH is essentially traditional DNS performed inside an encrypted HTTPS tunnel. DoH came out of nowhere about a year ago, by the big tech Google crowd, and is now being enabled by default (i.e., turned on without your approval) in Chrome & FireFox, two of the most popular browsers in the world.
So why is DoH a problem?
The security aspect of DoH that we supposedly can’t live without is the HTTPS encrypted tunnel part which once made (i.e., once the HTTPS tunnel is made on either end) it cannot easily be broken or inspected. Therefor, he who controls the HTTPS encrypted tunnel, i.e., the DoH provider, controls what’s inside.
This means that:
- any browser with DoH turned on will tunnel through any existing DNS based parental controls / Internet security solutions.
- the DoH provider can see and control everything you do online.
DoH provides “privacy” at the expense of security. The big tech providers of DoH (Google, CloudFlair, etc) do NOT filter malicious websites, domains, and IP addresses. This has the effect of creating a mechanism by which the unwitting users of DoH bypass Internet security content filtering. The many millions of homes and businesses that use DNS to protect their users are directly harmed by DoH.
The notion that Google (one of the largest DoH providers) is interested in your DNS privacy flies in the face of their entire business model as a for-profit surveillance agency. Never forget this fact – if you are using anything online for free YOU are the product.
When one considers the impact this will have on the many young impressionable minds who suddenly find their misspelled search terms result in images no boy or girl should ever see in their lives, one wonders how these people live with themselves.
Furthermore, DoH is much more expensive to deliver than traditional DNS because of the added layer of encryption. For anyone to offer DoH they must be prepared to handle the massive increase of overhead costs (server + bandwidth + complexity + support). In other words, no one is giving DoH service away for free – they are getting something valuable to validate the effort.
Be advised that FireFox and Crome have both recently turned DoH on by default in their browsers. As of this post, if you are a Chrome or FireFox user, but not a Kibosh Router 2.0 customer, CloudFlair is now in control of all your DNS / Internet.
The good news is that although they want us to think they have total control – they don’t. Owners of Kibosh 2.0 Routers / mobile VPNs are completely oblivious to any of these big-tech shenanigans because Kibosh blocks them.
A Kibosh Router will:
- Instantly remove pornography and malware, but nothing else from your Internet.
- Block attempts by big-tech to hijack and or thwart your Internet security and privacy.
- Give you easy insight into what is using your Internet (i.e., what is on your LAN).
- Give you control over what device can access the Internet (i.e., control internet time).
- Give you real-time activity logs of what each device is doing (so you can at any time quickly look at what Little Johnny is going on his Android tablet at 11.45 PM..).
- NOTE: on a Kibosh Internet Little Johnny cannot be looking at porn because it does not exist. With Kibosh all you need to worry about is when the kids can access the Internet, not what they are accessing (outside of mainstream sights like Facebook, etc – these you need to manage access too on your own…using the tools the Kibosh Router gives you).
- Give you regular security firmware and stateful firewall updates ensuring your Kibosh Router is always secure from hackers (including big tech), and WAN exploits.
We also offer Family Safe Mobile VPNs for iOS and Android to ensure your mobile devices are also safe and secure over all Internet connections.
With Kibosh your Internet will be infinitely safer and family friendly and unchanging. On all your Internet capable devices, wherever the go in the world.