Apple and Cloudflare Develop New Privacy-Focused Internet Protocol

by

Cloudflare has today announced that it has developed a new internet protocol, in collaboration with engineers from Apple and Fastly, focused on privacy (via TechCrunch).

cloudflare logo dark

The protocol, dubbed "Oblivious DNS-over-HTTPS," or "ODoH," makes it more difficult for internet service providers to know which websites users have visited.

When visiting a website, browsers use a DNS resolver to convert web addresses into machine-readable IP addresses to locate where the page is located. However, this is an unencrypted process and ISPs can see the DNS query and conclude which websites their users have visited. Internet service providers are also able to sell this information to advertisers.

Innovations such as DNS-over-HTTPS, or DoH, have added encryption to DNS queries. While this may dissuade bad actors who may wish to hijack DNS queries to point victims to malicious websites, DNS resolvers are still able to see which websites are being visited.

ODoH decouples DNS queries from individual users, so the DNS resolver cannot know which websites have been visited. This is achieved by encrypting the DNS query before passing it through a proxy server. This way, the proxy cannot see the query and the DNS resolver cannot see who originally sent it.

"What ODoH is meant to do is separate the information about who is making the query and what the query is," said Cloudflare's head of research, Nick Sullivan.

Page loading times and browsing speeds are said to be "practically indistinguishable" when using the ODoH protocol, according to Sullivan.

However, ODoH is only able to ensure privacy when the proxy and the DNS resolver are not controlled by the same entity. This means that ODoH will depend on companies offering to run proxies, otherwise the "separation of knowledge is broken."

While a few unnamed partner organizations are already running proxies, allowing early adopters to use ODoH using Cloudflare's 1.1.1.1 DNS resolver, the vast majority of users will have to wait until the technology is directly baked into browsers and operating systems.

Though it will likely first need to be certified as a standard by the Internet Engineering Task Force, considering that Apple was directly involved in developing the technology, it is not unreasonable to expect Apple to be among the first to integrate it in the future.

Tags: Apple Privacy, CloudFlare

Popular Stories

iphone 17 air iphone 16 pro

iPhone 17 Air USB-C Port May Have This Unusual Design Quirk

Wednesday April 30, 2025 3:59 am PDT by
Apple is preparing to launch a dramatically thinner iPhone this September, and if recent leaks are anything to go by, the so-called iPhone 17 Air could boast one of the most radical design shifts in recent years. iPhone 17 Air dummy model alongside iPhone 16 Pro (credit: AppleTrack) At just 5.5mm thick (excluding a slightly raised camera bump), the 6.6-inch iPhone 17 Air is expected to become ...
Read Full Article143 comments
iphone 16 display

iPhone 17's Scratch Resistant Anti-Reflective Display Coating Canceled

Monday April 28, 2025 12:48 pm PDT by
Apple may have canceled the super scratch resistant anti-reflective display coating that it planned to use for the iPhone 17 Pro models, according to a source with reliable information that spoke to MacRumors. Last spring, Weibo leaker Instant Digital suggested Apple was working on a new anti-reflective display layer that was more scratch resistant than the Ceramic Shield. We haven't heard...
Read Full Article115 comments
AirPods Pro 3 Mock Feature

AirPods Pro 3 Just Months Away – Here's What We Know

Tuesday April 29, 2025 1:30 am PDT by
Despite being more than two years old, Apple's AirPods Pro 2 still dominate the premium wireless‑earbud space, thanks to a potent mix of top‑tier audio, class‑leading noise cancellation, and Apple's habit of delivering major new features through software updates. With AirPods Pro 3 widely expected to arrive in 2025, prospective buyers now face a familiar dilemma: snap up the proven...
Read Full Article102 comments
iPhone 17 Air Pastel Feature

iPhone 17 Reaches Key Milestone Ahead of Mass Production

Monday April 28, 2025 8:44 am PDT by
Apple has completed Engineering Validation Testing (EVT) for at least one iPhone 17 model, according to a paywalled preview of an upcoming DigiTimes report. iPhone 17 Air mockup based on rumored design The EVT stage involves Apple testing iPhone 17 prototypes to ensure the hardware works as expected. There are still DVT (Design Validation Test) and PVT (Production Validation Test) stages to...
Read Full Article28 comments
apple watch ultra yellow

What's Next for the Apple Watch Ultra 3 and Apple Watch SE 3

Friday April 25, 2025 2:44 pm PDT by
This week marks the 10th anniversary of the Apple Watch, which launched on April 24, 2015. Yesterday, we recapped features rumored for the Apple Watch Series 11, but since 2015, the Apple Watch has also branched out into the Apple Watch Ultra and the Apple Watch SE, so we thought we'd take a look at what's next for those product lines, too. 2025 Apple Watch Ultra 3 Apple didn't update the...
Read Full Article65 comments
iPhone 17 Pro on Desk Feature

All iPhone 17 Models Again Rumored to Feature 12GB of RAM

Tuesday April 29, 2025 3:36 am PDT by
All upcoming iPhone 17 models will come equipped with 12GB of RAM to support Apple Intelligence, according to the Weibo-based leaker Digital Chat Station. The claim from the Chinese leaker, who has sources within Apple's supply chain, comes a few days after industry analyst Ming-Chi Kuo said that the iPhone 17 Air, iPhone 17 Pro, and iPhone 17 Pro Max will all be equipped with 12GB of RAM. ...
Read Full Article85 comments
iOS App Store General Feature JoeBlue

Epic Games Wins Major Victory as Apple is Ordered to Comply With App Store Anti-Steering Injunction [Updated]

Wednesday April 30, 2025 4:01 pm PDT by
In a victory for Epic Games, Apple was today found to be in violation of a 2021 injunction that required it to allow developers to direct customers to third-party purchase options on the web using in-app links. Judge Yvonne Gonzalez Rogers, who has been handling the Apple vs. Epic Games dispute for the last five years, said that Apple is in "willful violation" of the injunction she issued to ...
Read Full Article239 comments
iphone 16 pro ghost hand

iPhone 18 to Use High Performance Six-Channel Memory, Claims Leaker

Tuesday April 29, 2025 7:00 am PDT by
Apple's iPhone 18 lineup will introduce a major leap in memory performance, according to new information shared today by Weibo-based leaker Digital Chat Station. Apple is reportedly planning to equip the 2026 models with a high-capacity six-channel LPDDR5X memory configuration, significantly upping the memory bandwidth for future AI features and multitasking. Expanding the memory bandwidth...
Read Full Article92 comments

Top Rated Comments

chucker23n1 Avatar
chucker23n1
57 months ago

SO i can use it right now by just changing my DNS to 1.1.1.1?
No. That’ll change you to DoH, if your resolver supports it. ODoH isn’t yet implemented anywhere.
Score: 8 Votes (Like | Disagree)
ArPe Avatar
ArPe
57 months ago

I use OpenDNS

https://en.wikipedia.org/wiki/OpenDNS

208.67.222.222
208.67.220.220
That doesn’t protect you from your ISP’s eyes and selling your browsing data. Ali and Bob in tech support still know you’re into dwarf domination cosplay.
Score: 8 Votes (Like | Disagree)
thederby Avatar
thederby
57 months ago

Who TF is "Fastly"?

only one of the top three CDNs on the planet.
Score: 7 Votes (Like | Disagree)
locovaca Avatar
locovaca
57 months ago

You have to trust the resolver and if you have content filtering in use that uses DNS based filtering, this is not a good thing. That said, I have found cloudflare to be very fast and secure. Since I do use content filtering and ad blocking, I use pihole with unbound and it has been great.
Yup, and now we’re running into the issue of apps and devices that ignore DNS servers offered up by your router and instead hardcode Google or others so they can defeat DNS based add blockers. This is just another attempt to keep ads working under the guise of “security.”
Score: 5 Votes (Like | Disagree)
Helmlein Avatar
Helmlein
57 months ago
DNS resolution is something that should be implemented for the OS, not in the browser. The browser in turn can query the OS resolver library. Therefore: thanks but no thanks. Better implement those in the OS resolver library, so ALL applications can benefit.

And businesses will know how to configure their MITM-proxies to prevent (O-)DoH or DoT anyway; this will just help the likes of BlueCoat.

H.
Score: 5 Votes (Like | Disagree)
chucker23n1 Avatar
chucker23n1
57 months ago

DNS resolution is something that should be implemented for the OS, not in the browser. The browser in turn can query the OS resolver library. Therefore: thanks but no thanks. Better implement those in the OS resolver library, so ALL applications can benefit.
Apple will most likely implement this in the OS, so…
Score: 3 Votes (Like | Disagree)
Read All Comments