OpenDNS ups their security game.
OpenDNS has recently released a new product that adds yet another layer of security that’s available to their users. I’ve written before about how OpenDNS builds some great features into DNS, which is one of the basic technologies that the Internet operates on and now they’ve released a product called DNSCrypt.
Normally, communication between your computer and a DNS server is unencrypted or in “cleartext“. While this may not seem like a big deal, there’s a very real potential for malicious activity to happen. The most common risk is what’s called a Man in the Middle attack where an attacker intercepts your computer’s communications with a DNS server and alters the response, usually redirecting you to a site of their choice which contain malware or trick you into entering personal information without your knowledge. Even if that doesn’t happen, with DNS traffic being in the clear, it’s very easy for anyone little know-how to see where you’re going on the Internet and who’s on the same network as you to follow your moves on the Internet.
DNSCrypt solves these problems by encrypting the communication between your computer and the DNS server. I’ll give an in depth explanation of encryption in a future post, but you can think of an encrypted communication as being scrambled and you have to have the appropriate descrambler to read it. To run DNSCrypt, you install a small application on your computer and check the boxes to enable DNSCrypt. That’s it! Now no one can intercept or tamper with your DNS communications!
I participated in the beta testing for DNSCrypt and even the earliest versions I tested were stable and functional. The application only runs on Mac OS X at the moment, but Windows and Linux versions are in the works.
OpenDNS continues to come up with some very innovative solutions for Internet security and privacy, and I’m sure that we haven’t seen their best yet!