OpenDNS, the company that provides a free and paid secure alternative to using your ISP’s DNS servers to route your internet traffic, has today launched a new product – DNSCrypt. The software should help prevent man-in-the-middle attacks as well as helping hide your browsing habits from prying eyes.
Currently, the DNS protocol is inherently insecure as requests are transported in unencrypted plaintext. Whilst a lot of your route to the internet is relatively secure, this “last mile” is very open to abuse – and has been abused in the past. A number of people don’t encrypt their WiFi either – meaning that they are left “highly vulnerable” according to the DNSCrypt press release.
DNSCrypt will encrypt the requests between your computer and the OpenDNS servers (which you need to be running for DNSCrypt to work), effectively closing a gaping hole in many people’s digital security. It also won’t hurt to encrypt people’s data from the increasingly prying eyes of the governments in both repressive and more alarmingly democratic regimes.
DNSCrypt is currently only available for the MAC, but OpenDNS CEO David Ulevitch has said that the source code will be made available on GitHub for the open source and hacking communities to port it to different operating systems such as Windows, Linus or even for mobile use over WiFi.