DNS privacy for network service operators
Date: Tuesday, March 6, 2018
Time: 03:45 - 06:00 PM
Room: La Factoria
Skill Level: Intermediate
Duration: 2 hour(s)
Format: Making Better Tech
Presenter: Daniel Kahn Gillmor
The Domain Name System underpins most of our use of the Internet, by providing a way to look up IP addresses from domain names (and other secondary features). Unfortunately, it is not designed by default with privacy in mind. That means that when activists, dissidents, journalists, whistleblowers, or anyone looks up a domain name, they're usually leaking that name to their network operator, providing a simple path for easy metadata collection and analysis of their intended traffic. For example, the network gets to see who is looking up "refugeerights.example", "abortionservices.example", or "blacklivesmatter.example", even if the network services hosted by all of those domains are fully-encrypted. Fortunately, in the last year we've managed to standardize simple basic privacy protections for the DNS, and there's relatively easy software to deploy on the server side. But we need DNS recursive resolver operators who are dedicated to user privacy to ensure that the privacy protections are meaningful. (We'll cover the architectural details for why this is important in the session) This session will describe the basic privacy protections offered by DNS-over-TLS, their limitations, and how DNS-over-TLS servers can be deployed and supported. There are still a few missing pieces of the puzzle, including widespread easy client-side support. We'll discuss what's needed there, and work on ways to complete the gaps.
This session is for network service operators who want to provide public-facing DNS resolvers that can help users avoid tracking by the DNS. We'll cover a couple options for DNS recursive resolver software, how to install and maintain them, and how to provide simple instructions so that users can take advantage of this privacy feature. If you control a system in which you can spin up a private virtual machine with a public IP address to host an new service experimentally, you should join this session! Having more well-known public service operators should also spur the development wider client-side support across a range of operating systems. We'll walk through some standard configurations, and document feature requests for tools that should be improved to set up this sort of service by default.
By the end of the session, we'd like to have several more DNS privacy servers running on the public internet. Depending on the capabilities of the devices people bring to this session, some people should be able to leave the session using private DNS to one of the existing DNS privacy servers. We'd also like to have feature requests / bug reports filed against client side software that needs improvement in support.